Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Does Confluence no longer support Embedded content using Frames from Jira?

Richard Romero
Richard Romero February 27, 2018

We used to be able to provide dynamic content from Jira to Confluence and now after our recent upgrade, this is no longer possible.  Our tools team provided us with the following link - https://confluence.atlassian.com/confkb/confluence-page-does-not-display-in-an-iframe-827335781.html

Without compromising all our sites by disabling clickjacking, how is this possible to allow?

Answer
Watch
Like Be the first to like this
840 views

1 answer

0 votes
James Richards
James Richards
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 12, 2018

Hi Richard,

 

The link that you're provided, is so pages in Confluence can be displayed in iframes elsewhere. What you're looking for is how to display a Jira page in Confluence. So we need to turn off the clickjacking headers in Jira.

You can do this in Jira with this document

https://confluence.atlassian.com/jirakb/security-headers-in-jira-939919914.html

So you can exclude some paths. But there's no way to specifically to turn it off when included in a Confluence page.

There are already a good number of macros in Confluence for displaying Jira content with Application links and gadgets, so I'm wondering what do you need to display in Confluence that can't be done with a gadget?

Do you have an example? 

Thanks, James

View More Comments
Richard Romero
Richard Romero March 13, 2018

Currently we are pulling dashboard info along with Portfolio Iframes: Below are some examples.  I am hoping our IT group will take the approach recommended by your KB link....  

Portfolio:

<iframe src='https://jira.nordstrom.net/secure/PortfolioReportView.jspa?r=sY2Dr&t&e' width=98% height='400' style='border : 2px solid #ccc;'></iframe>

<iframe src='https://jira.nordstrom.net/secure/PortfolioSharedReportView.jspa?r=FuoXR&t&e' width=98% height='400' style='border : 2px solid #ccc;'></iframe>

 

Wallboards:

<iframe src='https://jira.nordstrom.net/plugins/servlet/Wallboard/?dashboardId=43127' width=30% height='250' style='border : 1px solid #ccc;'></iframe>

<iframe src='https://jira.nordstrom.net/plugins/servlet/Wallboard/?dashboardId=43901' width=30% height='250' style='border : 1px solid #ccc;'></iframe>

Like
James Richards
James Richards
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 13, 2018

Hi Richard,

 

So, yeah, you'll need to look at the headers coming from jira.nordstrom.net as that's where the X-Frame-Options: SAMEORIGIN, etc. are coming from. This is a browser security feature, so I wouldn't recommend turning it off in the browser (if it's possible, because I'm not sure if it is)

Regards, James

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.