framebusting/clickjacking stuff

[Jerry Shipman]

Hello,
I am pretty sure I know the answer to this already, but I have to ask...

Some of our websites have "embedded content" where they put a tableau chart or something like that into an iframe on their website. When they do something like this, when the website-inside-the-iframe (e.g. tableau) requires a SAML login, it doesn't work because of the framebusting/anti-clickjacking stuff in the SSO login page (shib IdP).

I'm trying to figure out a good solution for them.

It seems like with Tableau, there is a setting we can change to alter its behavior, so it will pop up in a new window or something instead of trying to work in the frame. So we are going to look at that. For other websites, it might be harder to fix.

Does anyone out there have a favorite workaround for this issue?

Thank you for your help,
Jerry
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20211115/cf14aa08/attachment.htm>