Help Center

Allow HTML iframe integration

Integrating Cameyo sessions into your own portal site requires some HTTP cross-site scripting permissions.

Integrating Cameyo with your own site requires some cross-site security permissions.

Integrating your Cameyo server

On your Cameyo server, add the following section into C:\RapPrereqs\Tomcat\conf\web.xml:

<filter>
  <filter-name>ClickjackFilterDeny</filter-name>
  <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
  <init-param>
    <param-name>antiClickJackingEnabled</param-name>
    <param-value>true</param-value>
  </init-param>
  <init-param>
    <param-name>antiClickJackingOption</param-name>
    <param-value>ALLOW-FROM</param-value>
  </init-param>
  <init-param>
    <param-name>antiClickJackingUri</param-name>
    <param-value>/*</param-value>
  </init-param>
</filter>
<filter-mapping>
  <filter-name>ClickjackFilterDeny</filter-name>
  <url-pattern>URL PATTERN</url-pattern>
</filter-mapping>

URL PATTERN: pattern of origin URLs to allow. This can be for example "https://mycompany.com" or "/*" to allow all (not recommended).

Example:

Testing

When saving the modified web.xml, the HTTP server should automatically reload and take it into account within 30 seconds. To test that the correct headers are returned, access the Cameyo server's URL directly from a browser and check the returned headers within your Dev Tools console:

Integrating Cameyo's cloud portal

If you'd like to be able to integrate Portal calls (https://online.cameyo.com) into your site, please contact Cameyo's technical support with the domain name to allow portal access from (i.e. 'mycompany.com'). Cameyo's security team will assess the request and can white-list your domain as an authorized cross-scripting source in the most secure way.