This is currently NOT working on my testsite, and if you had not announced to publish a switch, I would protest much louder against this kind of paternalism.
[quote=107474:@Greg O’Lone]
You miss the point. this is about preventing someone from making your wab app appear in THEIR site, as if it is part of their page. [/quote]
I have not missed that. But what can be used in a bad way can also be used in a good way, that what it was initially meant for.
So I doubt that you are able to imagine all possible use-cases out there and I strongly oppose general restrictions, exactly because of this reason. Don’t make your power car a super-safe baby buggy.
[quote=107474:@Greg O’Lone] we add feature that we think will benefit the community as a whole.
this one will, as soon as we add a switch to turn it off.[/quote]
I’m waiting for this.
Hmm. Let me try to explain my point: We use iFrames in order to avoid reinstalling the same webapp several times. Like this, we can continue using existing homepages with existing providers and just add pages with iframes. The webapp itself can check if it is at the right place.
In the process of seminar registration, the app will hand over data to a payment provider (saferpay.com) and his payment terminal is displayed in the same iframe we started. Before coming to the point to enter credit-card data, the registrant can decide whether he wants the payment terminal to load in its own window.
The default is to keep the registrant on one website, and not open up another window. With the current WE implementation this is broken.
And this raises more questions: how do you handle cases where the same homepage can have multiple domain names? Or domain names on websites with non-static ip addresses? Are you sure that you are not over-securing and locking down things which are perfectly in order?!
I can reproduce a case where your intended mechanism is not working, all on the exact same domain:
I have a testsite on a homeoffice server. It has a domain name and runs with SSL, but the ip changes. And there I load a test webapp into an iframe. It does NOT load, even though "the item in the frame is coming from the EXACT same domain" (As I mentioned before, it does load when built with an earlier version of Xojo).
Right now I went back to a Xojo 2013r4.1 built webapp, and it works on a testsite (with meaningless contents). See links further down. The same thing does not work when built with Xojo 2014r2
The xojo testapp is here:
https://xojopro.com:9001/
The testsite url is here:
https://www.xojopro.com/tut/iframe-2/