Hello
I am trying to add an iframe url of Bamboo server into check_mk to list down the projects but unable to find a way to add. Is it via Datasource program? It will be great if it is explained with an example.
Thanks,
Khozy
Easiest way would be the âBookmarksâ snap-in on your sidebar.
Edit your bookmark list and insert your URL. It will be opened in the right side frame if clicked.
But pay attention that it is not possible to embed an iFrame if your monitoring instance is running HTTPS.
Modern browsers and server configuration forbid this.
1 Like
Thanks. I am trying to access via bookmarks but it thorws an error ârequest to the server is blocked by an extensionâ
The url opens fine in browser but error withing Bookmarks of CMK.
The CMK instance is currently accessed as http.
You are sure that the other application allows that it is opened inside a iFrame?
Most applications forbid these.
The error message also sounds like this.
Yes, for instance, i can access the url in browser independently. However, if i add the same url in CMK Bookmarks, it does not work.
Thatâs clear, this must work. But the question is - does your application allow to be opened inside a iFrame? I would say no.
hmmâŚsorry for being ignorant as I dont understand what implies to application.
Using F12, I see following error -
Refused to frame âhttps://bamboo.infra.xxxxxxx.com/â because it violates the following Content Security Policy directive: âdefault-src âselfâ ssh: rdp:â. Note that âframe-srcâ was not explicitly set, so âdefault-srcâ is used as a fallback.
I tried to add chrome extension to disable CSP but same result. The iframe works fine in different monitoring platform eg PRTG. Does it by any chance require any config change in the CMK config file anywhere?
This is the CSP from the monitoring instance. You can modify the CSP inside the site Apache on your own. But please be aware of the security implications this has.
The configuration is inside â~/etc/apache/â in your site.
For example, in order for me to use a custom dashboard that pulls in netdata cloud data (app.netdata.cloud), I had to set mine to (see child-src below):
in file security.conf: Header always set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'
ssh: rdp:; img-src 'self' data: https://*.tile.openstreetmap.org/ ; connect-src 'self' https://crash.checkmk
.com/ ; frame-ancestors 'self'; base-uri 'self'; form-action 'self' javascript: 'unsafe-inline'; object-src '
self'; child-src 'self' app.netdata.cloud"That is some serious stuffâŚit worked with your suggestion 
Thank you !
Just one more thing I noticed -
The first page loads up fine. However, when I try to click one of the projects on that page, it does not load up. Should there be something more to add?
You could temporarily set to * ⌠ideally you want to inspect (like browser debugger) and figure out what other sites you need to add.
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.