just a simple question regarding the inline frame component.
does this frame access the source URL through the server on which ignition is running? or does it access the source url from the device that is running the perspective session?
simply, if i want to display a webpage in perspective that is only accessible via the VPN on our server, will this be possible using an inline frame? or will the page be loaded from the user’s device.
it seems to me as well that the inline frame will only load https pages, i haven’t found a single http page that will load in the frame. is that expected behavior?
apologies if this is a very elementary question, but my research has only discussed x header rejections and nothing to do with https vs http.
thank you
It’s entirely done on the local client side. We had a way, in Vision, to ‘proxy’ webcam feeds through the Gateway, so that end users with access to the gateway (but not cameras) could see things - but it’s a massive security hole, just waiting for exploitation.
HTTP vs HTTPS content is up to the browser environment, but it wouldn’t surprise me if the set of browsers that support Perspective also require that you don’t mix protocols for your content. In general, iframes are also a potential security hole and most websites don’t allow you to embed them inside an iframe anyways.
thank you for the response. that is discouraging news at it immensely complicates things for me. was hoping to forward a web UI for a device that requires a handshake from the same subnet, but it now seems like an issue. maybe i can run a webserver at the host to make it public.