This documentation version is deprecated. Please click here for the latest version

Embedding Decisions Forms In Same Origin iFrames

Prev Next

Overview

Decisions uses cookies for authentication and iFrames for embedding Forms. In v6.20+, Decisions has the ability to handle proxied requests so that all traffic goes back through the host site. This allows everything to remain as same-origin from the browser's point of view. This ability is useful for self-hosted scenarios, where is less likely IIS or another technology is in between and could be used as a reverse proxy.

Browser Change to Cross-Domain Cookies
With iPadiOS 13.4+ and Safari 13.1+, cross-domain cookies are no longer allowed. As a result, embedded iFrames cannot authenticate Forms on Mac OS Safari or iOS at all. To learn more on this issue, visit Full Third-Party Cookie Blocking and More.


 Configuration

The following example will demonstrate how to configure the web.config file for proxy.

  1. Navigate to C:\Program Files\Decisions\Decisions Web Host and open the web.config file. 
  2. Edit the web.config file to include a true value for AllowProxyFrom and include the appropriate 'scheme:host' value for the ProxyFromWhiteList configuration option.
    Configuration Description
    AllowProxyFromTrue or False value. Allows feature to be enabled or disabled. Default is false.
    ProxyFromWhiteListComma-separated string-list of 'schema:host' values. Specifying a 'schema:host' value will limit where Decisions UI will rewrite UI traffic to. If nothing is specified, it will allow proxies from anywhere.
    <configuration>
     ...
     <appSettings>
     ...
     <add key="AllowProxyFrom" value="true" />
     <add key="ProxyFromWhiteList" value="http://site-1,https://site-2" />
     </appSettings>
     ...
    


After enabling the proxy, the proxy will forward traffic, for example, from https://host-server/decisions to https://d-server/decisions. It will also change the origin of each request and add 'x-proxied-from : "https://host-server"'. The host's proxy test path and the Decisions virtual path are assumed to be the same in v6.20+.