after upgrading to Canvas 3.0.1., I could finally get rid of a SSO issue, which is great. However, as of Canvas 3.0.1, SSO seems to include a couple of URL redirections, which I assume is causing another issue when the Canvas page is embedded in an IFRAME (in our case, within a Sharepoint webpart):
Does not work in Edge, but also not in Chrome. At least Chrome gives more details about error message:
Refused to display 'http://<mycanvasurl>in a frame because it set 'X-Frame-Options' to 'sameorigin'.
Anyone any idead how to work around that? Can I influence this at all, e.g. setting the X-Frame-Options in a way that the Canvas page would be accepted in an IFRAME?
Paul, you made my day, works perfectly!
And thanks for your remark concerning security. This application is not accessible in a public manner, so I think this would be acceptable.
Just a note that this is a temporary fix and will be overwritten on upgrade. But we will look into how to make it more manageable and be able to persist on upgrades next.