trinodb / trino

Official repository of Trino, the distributed SQL query engine for big data, formerly known as PrestoSQL (https://trino.io)
https://trino.io
Apache License 2.0

Embedding Trino UI into an IFrame #22288

Open TonBits opened 3 weeks ago

TonBits commented 3 weeks ago

Not able to go past the login when embedding Trino-UI into an Iframe.

After some investigation, it seems that Trino-UI-Token was not allowed by the browser, as the cookie did not specify the SameSite header, which defaulted to SameSite=Lax. In order for the browser to retain the cookie within an iframe, SameSite=None would be needed to enable cross-site use.

Looking at the code, SameSite was never specified in the code that builds the token cookie (which defaults to Lax):

    public NewCookie[] create(String token, Instant tokenExpiration, boolean isSecure)
    {
        Date expiration = Optional.ofNullable(tokenExpiration).map(Date::from).orElse(null);
        ImmutableList.Builder<NewCookie> cookiesToSet = ImmutableList.builder();
        int index = 0;
        // the token is split across several cookies; each one gets the same attributes
        for (String part : splitValueByLength(token)) {
            cookiesToSet.add(new NewCookie.Builder(cookieName(index++))
                    .value(part)
                    .path(location)
                    .expiry(expiration)
                    .secure(isSecure)
                    .httpOnly(true)
                    // no .sameSite(...) call here, so the browser applies its default (Lax)
                    .build());
        }
        return cookiesToSet.build().toArray(new NewCookie[0]);
    }

And it seems these are not configurable at all. So there is really no way to change this other than recompile and rebuild.

Here is the actual error in the browser. [screenshot not included in this copy]
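The cookie rule the report describes (no SameSite attribute means Lax, Lax is withheld from a cross-site iframe, and None is only accepted together with Secure) can be checked against concrete Set-Cookie headers. The following is an added example, not Trino code: a simplified model of browser SameSite handling, with a constructed header that mirrors the attributes the builder above sets (the cookie name and value are made up), plus the header rewrite a reverse proxy would apply if you went the proxy route mentioned later in the thread.

```python
"""Simplified model of how a browser treats a Set-Cookie header when the page
that set it is later loaded inside a cross-site <iframe>.

Added example; constructed inputs, not Trino's actual cookie names or values.
"""
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass
class Cookie:
    name: str
    value: str
    secure: bool
    http_only: bool
    same_site: Optional[str]  # "Strict", "Lax", "None", or None when absent


def parse_set_cookie(header: str) -> Cookie:
    """Parse the name=value pair and the attributes this model cares about."""
    parts = [p.strip() for p in header.split(";") if p.strip()]
    name, _, value = parts[0].partition("=")
    secure = http_only = False
    same_site: Optional[str] = None
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        key = key.strip().lower()
        if key == "secure":
            secure = True
        elif key == "httponly":
            http_only = True
        elif key == "samesite":
            same_site = val.strip().capitalize()  # "none" -> "None", "lax" -> "Lax"
    return Cookie(name.strip(), value.strip(), secure, http_only, same_site)


def effective_same_site(cookie: Cookie) -> str:
    """Browsers treat a missing SameSite attribute as Lax."""
    return cookie.same_site or "Lax"


def stored_by_browser(cookie: Cookie, over_https: bool) -> bool:
    """Whether the browser accepts the cookie at all when it is set."""
    if cookie.secure and not over_https:
        return False  # Secure cookies are only accepted over HTTPS
    if effective_same_site(cookie) == "None" and not cookie.secure:
        return False  # Chromium-based browsers reject SameSite=None without Secure
    return True


def sent_in_cross_site_iframe(cookie: Cookie, over_https: bool) -> Tuple[bool, str]:
    """Would the cookie accompany a request made from inside a cross-site iframe?"""
    if not stored_by_browser(cookie, over_https):
        return False, "rejected at set time"
    mode = effective_same_site(cookie)
    if mode in ("Lax", "Strict"):
        return False, f"SameSite={mode} blocks cross-site"
    return True, "SameSite=None; Secure"


def rewrite_for_iframe(header: str) -> str:
    """Header rewrite a reverse proxy would apply: force Secure and SameSite=None.

    Secure is re-added because SameSite=None is meaningless (and rejected) without it.
    """
    parts = [p.strip() for p in header.split(";") if p.strip()]
    kept = [p for p in parts if p.split("=")[0].strip().lower() not in ("samesite", "secure")]
    return "; ".join(kept + ["Secure", "SameSite=None"])


# Constructed sample header shaped like the builder output above (no SameSite attribute).
ORIGINAL = "Trino-UI-Token=abc123; Path=/ui; Secure; HttpOnly"


if __name__ == "__main__":
    for label, header in (("as built", ORIGINAL), ("proxy-rewritten", rewrite_for_iframe(header=ORIGINAL))):
        sent, why = sent_in_cross_site_iframe(parse_set_cookie(header), over_https=True)
        print(f"{label:16} {header}\n{'':16} sent in cross-site iframe: {sent} ({why})")
```

The rewrite only helps if the UI is actually served over HTTPS; a SameSite=None cookie without Secure is discarded, which is the trade-off behind the earlier comment that None is the opposite of where the defaults should go.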

hashhar commented 3 weeks ago

If we'd ever add explicit SameSite, None is probably the opposite of the direction we'd want to go, IMO.

cc: @dain

TonBits commented 2 weeks ago

I agree!

It's not the default that I am looking for. It's the configurability. Right now, there is no way to integrate the Trino web console in an iframe other than updating the code and rebuilding it.

There is another way, though, by adding a proxy server on top of it and doing some rewriting. It's just another layer of software that needs to be maintained.