DocuSign嵌入的网址未在iFrame中呈现 [英] DocuSign embed url not rendering in iFrame
问题描述
在iFrame中嵌入签单签字仪式时,有人遇到过问题吗?
我正在尝试使用iFrame测试docusign嵌入签名。但是浏览器(在Chrome,Firefox上经过测试的 )拒绝呈现该网址。
Anyone ever had an issue when embeding a docusign signing ceremony in an iFrame?
I'm trying to test docusign embed signing by using an iFrame. But the browsers (tested on Chrome, Firefox) are refusing to render the url.
我得到了嵌入网址(看起来像 https://demo.docusign.net/Signing/MTRedeem/v1/XXXXXXXXX?slt=XXX ),然后将此网址设置为iFrame源我的网站。但这只是显示空白页,什么也没出现(如果我只是将URL粘贴到url栏中,则可以嵌入到iframe中,这样效果很好)。如果我检查了Google Chrome浏览器中的控制台日志(在win10上),我会看到错误
拒绝显示'https://account-d.docusign.com/recipient/auth 'ui_locales = zh-CN',因为它会将 X-Frame-Options设置为 sameorigin 。
I get the embed url (which looks like https://demo.docusign.net/Signing/MTRedeem/v1/XXXXXXXXX?slt=XXX) from DocuSign and then sets this url to iFrame source on my website. But it just shows a blank page nothing comes up (instead of embeding in an iframe if I just paste the url in the url bar it renders fine). If I check the console logs in Google Chrome (on win10) I see an error
Refused to display 'https://account-d.docusign.com/recipient/auth?ui_locales=en' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
<iframe src='https://demo.docusign.net/Signing/MTRedeem/v1/XXXXXXXXX?slt=XXX' height='900' width='900'>
</iframe>
如果我看到网络标签,则会发生以下重定向:
If I observe the network tab the following redirects are happening:
Request URL: https://demo.docusign.net/Signing/MTRedeem/v1/XXXXXXXXX?slt=XXX
Request Method: GET
Status Code: 302 Found
Response Headers
Location: https://account-d.docusign.com/managed_token/v1/redeem/?slt=XXX
Request URL: https://account-d.docusign.com/managed_token/v1/redeem/?slt=XXX
Request Method: GET
Status Code: 302 Found
Response Headers
Location: https://demo.docusign.net/Signing/StartInSession.aspx?code=XXX
X-Frame-Options: SAMEORIGIN
Request URL: https://demo.docusign.net/Signing/StartInSession.aspx?code=XXX
Request Method: GET
Status Code: 302 Found
Response Headers
Location: https://demo.docusign.net/Signing/ActivateSecurityChecks.aspx?insession=1&ti=XXX
Request URL: https://demo.docusign.net/Signing/ActivateSecurityChecks.aspx?insession=1&ti=XXX
Request Method: GET
Status Code: 200 OK
Response Headers
Set-Cookie: BIGipDocuSign_Demo_Signing=XXX
X-DocuSign-Node: XXX
Request URL: https://account-d.docusign.com/recipient/auth?ui_locales=en
Request Method: GET
Status Code: 200 OK
Response Headers
X-Frame-Options: SAMEORIGIN
X-DocuSign-TraceToken: XXX
X-DocuSign-Node: XXX
注意:我遵循了此示例来自docusign的官方示例。
Note: I followed this sample from docusign's official examples.
EDIT
RecipientViewRequest:
EDIT RecipientViewRequest:
{
"AssertionId":"logging in event id",
"AuthenticationInstant":"1\/29\/2020 11:09:26 AM",
"AuthenticationMethod":"password",
"ClientUserId":"logged in user id",
"Email":"my-email@mydomain.com",
"ReturnUrl":"https:\/\/subdomain.mydomain.com\/recieve",
"UserName":"signerFirst lastName",
"XFrameOptions":"allow_from",
"XFrameOptionsAllowFromUrl":"https:\/\/subdomain.mydomain.com"
}
EDIT 2
如果我还记得,过去进行测试时,嵌入方法对我有用。
这种拒绝在iFrame中呈现的行为是最近才开始的。
EDIT 2
If I recall, the embeding method had worked for me in the past while testing.
This behavior of refusing to render in iFrame has started fairly recently. Maybe they have changed on their end during last month.
推荐答案
通常,由于兼容性和故障排除难度,不鼓励使用iframe。建议将用户重定向到URL,然后在完成后捕获returnUrl重定向。
In general, iframes are discouraged due to compatibility and difficulty in troubleshooting. The recommendation is to instead redirect the user to the URL and then catch the returnUrl redirect upon completing.
也就是说,信封:: CreateRecipientView 调用
"xFrameOptions": "allow_from",
"xFrameOptionsAllowFromUrl": "https://example.com"
其中xFrameOptions参数应为 allow_from以启用此功能,而AllowFromUrl应该是您网站的域。
where the xFrameOptions parameter should be "allow_from" to enable this functionality, and AllowFromUrl should be the domain of your site.
这篇关于DocuSign嵌入的网址未在iFrame中呈现的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
