Issue with rending an MVC 4 website inside an iFrame - asp.net-mvc-4

We have an existing live MVC 4 website that works exactly as it supposed to, running in an Azure Web Role.
A third party want to embed our site in an iFrame on their site (a small part of it anyway, one form really)
I'm no fan of iFrames but this is what they want to do and our business are happy for them to do it.
Except it doesn't seem to work at all.
So I tested it myself with an html page just running on my machine.=, with just an iFrame and a link to the site.
The default page loads fine. It is a forms login screen, when I submit a login, the site crashes into the exception handing and it doesn't provide much useful information.
I then tried pointing the iFrame at the site running in my dev environment. Submitting the login and debugging into the action, the code flows through correctly, no error and tries to return the correct view, but iframe refreshes to the login screen again.
What could be causing this? What am I missing?

Related

Universal Login in Office Add-in (Excel), exchange not happening - Auth 0

I trying to use Auth0 in a office add-in (React SPA), specifically Excel.
I am using the popup to login instead of the redirect because the redirect doesn’t load in the iframe.
(The error for the iframe is "Refused to frame because an ancestor violates the following Content Security Policy directive: “frame-ancestors ‘none’” ").
The issue I’m having is once I login successfully, the pop just goes white and gets stuck on the login/callback.
I’ve checked the logs, it says a successful log but it doesn’t say anything about an exchange (success or failure).
I’ve tested the pop up on a different application (react web app) and it works perfectly fine.
The login we are using is the Universal Login (the new one, not the classic)
I’m interested in any and all approaches for using the Universal Login in this context.
Thanks

Working with cypress redirect

Situation:
I am writing test automation for a website. There comes a point where there is a link button on my website. Clicking this I am redirected to an external website. There I have to log in and as soon as I do that I am redirected to my original web-page which contains some 'connections' that I need.
Problem:
As soon as cypress clicks on the redirection button it does into a blank page.
Ideal solution:
I would want to automate the entire scenario. If not then at-least a work around.
As suggested in the Cypress Docs, you should really be using cy.request() to log in. You don't control a 3rd party site, and that makes your test very flakey.
For example, a lot of login pages are constantly changing and are A/B tested for the purpose of preventing a bot from logging in, including testing bots. The data:, url is probably the result of a http redirect.
Thankfully, using cy.request() you can 'fake' logging in by making a request to the server through code (which doesn't change as much) and you will never have to leave your app to log in
Here's a recipe for Single Sign-On for example.
Hope that makes sense!

ADFS web authentication loop in IE

I have a mvc4 web app that sits behind ADFS 2.0 authentication, it's configured using the web.config file. The application can be visited by going directly to a URL or as an iframe inside of CRM 2013.
The application works in all (tested) browsers when visiting the URL directly, both redirection to login form and handing the user back to the web app with the proper information in the ClaimsIdentity.
However, when visiting the app as an iframe inside CRM2013, internet explorer goes into a continous login loop. You are asked to provide the credentials (which are the same as for logging in to CRM) and when you click ok you get redirected back to the same login page again, to my knowledge the app never receives the hand off.
In Safari, Chrome, Firefox, and Opera the users are able to log into the application inside of CRM as well as outside without any problems (I'd even go as far as saying that it works better than expected for these browsers).
Does anyone have any idea of what I can try or what the problem could be for IE?
EDIT 1
I'm thinking it has to do with some security setting and am playing around with the settings in IE. Unchecking this box stops the login form from showing in IE at all and I get an empty page instead.
Is the iFrame on the same (sub)domain as the site inside? You can use Fiddler to view your redirect flow, are the cookies added as expected?
I've seen cookies that are overridden by the iFrame host, in that case you lose the auth cookie. Browsers react differently on same domain cookies.
Another problem might be X-Frame-Options, do you see any warning in the F12 console of IE?

How to pass Login With Google Process in Cocoa WebView

I am developing a cocoa app for Mac OSX. It's a basic browser application and I use webview component.
In the page I want to connect, there is standard Login with Google Account button in order to login with my existing Google Account. When I clicked on this button nothing happens.
The same functionality works properly when I visited the same page by using Safari or any other browser but there is no reaction on webview component.
I've checked the action behind the Google's login button and here is the JS code.
onclick="return Dialog.Login.loginWithGoogle(false, 'https://www.mywebsite.com/-/oauth2callback', 'https://www.mywebsite.com/')"
As a part of the standard oauth process the process also has many redirections after this URL is called and normally should be completed at my site's login screen as expected. However, webview doesn't handle this.
Please note that the web site I am trying to connect in my webview is not belong to me and I have no control on it.
I checked many solutions on the web for 2 days but nothing helped.
Any help/hint will be appreciated.

Can I use an IFrame to navigate to an external page in a Windows 8 Metro application?

When I currently try I get the following error, even after adding google as a content URI
APPHOST9613: The App Host was unable to navigate to http://www.google.com/ due to the following error: FORBIDFRAMING.
Response from MSFT:
http://social.msdn.microsoft.com/Forums/en-US/winappswithhtml5/thread/a1cba639-3251-4df8-abd3-b6f6a95ba4ae
You can use Iframe,but you won't get full controll of their JS files,you may have to face some breaking point in such sites, and some sites like google blocking this facility.
Try this,
1. Make your default browser as IE10 which will provide you an App look for IE.
2. trigger an event
function openYourLink() {
var url = new Windows.Foundation.Uri("http://www.google.com")
Windows.System.Launcher.launchUriAsync(url);
}
You can use iframe to navigate to other pages.
<iframe src="http://www.apple.com" />
will do the trick.
However, not every website allows you to put their page in an iframe or they maybe using the top window layer so that their page doesn't support running in an iframe.
In addition, if you are running your code Visual Studio 11 Express, it may throw javascript exceptions in the web page in the iframe. You can "continue" it. This exception will not be visible when you are running a deployed version of your application (running from start menu).
On further investigation the answer seem to be that yes you can for most sites, but some sites (such as google) seem to fail when embedding with an iframe.