allow <iframe> HTML tag into the popup

2506
6
03-30-2017 06:55 AM
Status: Open
Jose_ManuelHeras
New Contributor II

I'd like to show contents form another source. For example, my own server. So I could call the content as:

<iframe src='http://myserver/mypage.php?id={OBJECTID}>

in my personalised popup window.

I know about this idea:

https://community.esri.com/ideas/5953 

But it doesn't work the <iframe> feature.

Thank you very much.

6 Comments
StefanUseldinger

Unfortunately, Esri removed this features with ArcGIS JavaScript API 4.14

sgavathe

Are there any alternatives under ArcGIS JavaScript API 4.14 on how to embed the page inside PopupTemplate? 

 

Thanks and Regards,

Shailesh Gavathe

LeilaJackson1

I was able to add iframes to my AGO pop-ups until August. Today I learned from ESRI customer service that they are no longer supporting iframes in AGO. This is really unfortunate as it was a really nice feature.

Razi_Mosadeghi

Hi @Jose_ManuelHeras <iframe> content has never been part of the officially supported list of HTML tags for pop-ups. This is identified as a security issue and patched in recent versions of ArcGIS JavaScript API. It has been removed intentionally to prevent XSS attacks.

Please refer to the following link for more information, on supported HTML tags: https://doc.arcgis.com/en/arcgis-online/reference/supported-html.htm.

If you need to add videos to the pop ups, as a workaround, you can use video tag instead, the HTML code will be something like:
<video controls="true" height="200" width="200">
<source src="http://localhost/myvideo.mov"type="video/webm"></source>
</video>

Hope that helps.

LeilaJackson1

@Razi_Mosadeghi Thank you for this explanation of why it was removed.

JoshZeeb

Thanks for the information @Razi_Mosadeghi. I've been attempting to do exactly as you stated with the <video> tag, except with a link to a youtube video. But, I run into a security issue when using Chrome, called "Cross-Origin Read Blocking" (CORB). So, the video is blocked from playing in the pop-up. Have you run into this issue before? Any suggestions?

Below is some more information on the security feature run by Chrome:

https://chromestatus.com/feature/5629709824032768

Thanks,

Josh