Embed flowable-modeler using iFrame

when I try to embed flowable modeler in my angular app using iFrame, I get below error in browser console

Refused to display ‘http://localhost:8080/flowable-modeler/’ in a frame because it set ‘X-
Frame-Options’ to ‘sameorigin’.

I also tried setting filter in Apache tomcat, which was of no help
Nothing worked except for browser extension that can bypass security headers set to disallow displaying of content from different origin. However, I dont want to use extensions

Can I get any suggestion or help to achieve this

See: How to set ‘X-Frame-Options’ on iframe?

Hi Robinyo, Thanks for the reply! I understand that this is a security limitation. Is there any alternate solution or a method to achieve this. Can we remove those headers ?

Sure, roll your own WebSecurityConfigurerAdapter.

1 Like