Shiny-proxy in iframe - Adding CSP does not solve chrome blocking it
I have a shiny application running with shiny-proxy and I want to embed this application within another hub application.
I configured the application.yml in shiny-proxy to:
frame-options: allow-from http://127.0.0.1:5501
Content-Security-Policy: frame-ancestors 'self' http://127.0.0.1:5501
The allow from directive is deprecated in chrome and safari and therefore, I used it, as suggested by many StackOverflow answers, I used the Content-Security-Policy option. However, this has not resolved the issue yet.
Chrome is still blocking it:
proxy:
default-webSocket-reconnection-mode: Auto
same-site-cookie: None
# stop-proxies-on-shutdown: false
# recover-running-proxies: true
# recover-running-proxies-from-different-config: true
title: Open Analytics Shiny Proxy
logo-url: https://www.openanalytics.eu/shinyproxy/logo.png
landing-page: /
heartbeat-rate: 10000
heartbeat-timeout: -1
heartbeat-enabled: false
container-wait-time: 20000
servlet.session.timeout: 100000
container-log-path: /var/log/shinyproxy/container-logs
port: 8080
authentication: simple
admin-groups: admin
users:
- name: frank
password: password
groups: scientists
# Docker configuration
# container-backend: docker
container-backend: docker
docker:
cert-path: /home/none
url: http://127.0.0.1:2375
port-range-start: 20000
specs:
- id: something
...
logging:
file:
name: /var/log/shinyproxy/shinyproxy.log
# level:
# root: DEBUG
server:
frame-options: allow-from http://127.0.0.1:5501
Content-Security-Policy: frame-ancestors 'self' http://127.0.0.1:5501
secure-cookies: true
Solution
Making everything HTTPS solved it.
- Retrieving expected data.frame for testthat expectation
- How to use an anonymous function with pipe operator?
- R passing RSelenium driver environment as function argument
- Keep file names merging list with lapply?
- replace strings that contains one another
- Stop parsing out zeros after decimals in ggplot2's annotate
- Plot data.tree coloring and labelling by level
- Extracting the date and time out of a date and time format
- How to reshape a dataframe into wide format with specified column pairs
- Show partial segments removed after limit scales for `geom_pointrange`
- Control ggplot2 legend look without affecting the plot
- Concatenate strings over all rows in a single column of a data frame
- Is there some way to keep variable names from.SD+.SDcols together with non .SD variable names in data.table?
- How to create mutually dependent checkbox columns in a DT table?
- A problem with an stacked, grouped and faceted graph y gg plot
- Installing R on Linux: configure: error: libcurl >= 7.28.0 library and headers are required with support for https
- Create a column conditional on multiple other character and numerical columns
- data.frame to array (2 columns)
- Changing options() in a function environment without changing options() in global environment in R?
- pivot(), group_by() and summarise() with nested data
- Why legend is not showing up in plot layout using patchwork in R?
- in dplyr::mutate, dplyr::starts_with works for .before but not .after?
- Finding optimal cut-off points for dividing a variable into equal groups considering ties in which quantiles do not work
- How to add a legend to hline?
- R Shiny Suppress slider handle for sliderInput until click
- brmultinom brglm2 vifs and dredge dont work
- R, how to get current time miliseconds, without extra information ? (Sys.time(), format("%X"))
- Installing multiple versions of R
- Command to see 'R' path that RStudio is using
- Fast pairwise longest common substring from start