To successfully embed a website page directly into your Custom Tags (or Mattertags) on CAPTUR3D, the website must support being used in an iframe on a third party website.
If the website you wish to embed is one that you control, you are able to configure some HTTP headers to allow the use of your website with CAPTUR3D. These headers are described below:
X-Frame-Options
This header should not be included in the response of the pages that you wish to include. This is a legacy header, but most browsers still respect the
X-Frame-Options: DENY
so for your website to be able to be display you should not include this header in your response for the page you wish to be displayed. For more information, please see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
Content-Security-Policy
The Content Security Policy (CSP) header is supported by modern browsers as a means for you to control resources the browser is allowed to load for a given page. The specific directive that will allow CAPTUR3D to display your site is the
frame-ancestors
directive. Setting this to include CAPTUR3D's domains and your Whitelabel Domain (if you have one setup) will tell browsers to allow your website to be embedded in your Virtual Tour.
For example:
HTTP
1 Content-Security-Policy: frame-ancestors https://*.captur3d.io https://tours.yourcompany.com;
For more information on CSP, please visit https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors
Comments
0 comments
Please sign in to leave a comment.