Hi everyone,
I’m currently working on a project where I’m trying to integrate a few external monitoring tools into a custom dashboard I built on Frappe. Most of my internal links are working fine, but I’ve run into a bit of a snag when trying to iframe or fetch data from specific external domains.
Specifically, I’ve been trying to link out to the delta executor official site to pull some status updates for a tool my team uses, but the page keeps throwing a “Refused to display in a frame” error (X-Frame-Options). I’ve also noticed that sometimes the CSS from these external sites doesn’t play nice with the ERPNext desk theme, leading to some weird overlapping issues in the workspace.
Has anyone else dealt with CSP (Content Security Policy) issues when trying to whitelist external sites within their Frappe environment? I’m also curious if there’s a better way to handle external script execution without triggering the standard security blocks. I’d love to hear how you guys manage external integrations or if there’s a specific hook I should be using to allow these types of connections to stay active without breaking the UI.
Any advice or workarounds would be greatly appreciated!