Unable to Open the Kibana 7.10.2 GUI with in the iframe

Hello Team,

I am facing an issue with the Kibana 7.10.2 version to open the Kibana GUI with in the iframe

But the same Kibana GUI with port 5601 is opening in the new tab means it was working

Is there any configuration changes, do we need to perform to load the the kibana with in the iframe of another website .

Here attached the screenshot for the reference of the loading kibana 7.10.2 in the Iframe.

Any help ASAP…


That looks like a browser level block based on mixed HTTPS/HTTP iframe content (although I can’t be 100% sure without knowing more). This would happen if, for example, you ran Kibana has HTTP and your webpage containing the iframe was HTTPS.


The main site is using https and the kibana also using the https certificate that is provided from kibana certs generation site.

So here we were not configured any https for the main site with iframe and kibana.

Thanks ,

Hi any updates on the issue mentioned for kibana loadin in iframe

Could you post how your HTML is being done with the iframe? I’ve read your message a few times and I can’t make heads/tails out of it - it would be clearer to understand the problem with code. I don’t need the whole thing, but seeing the inner and outer frame protocols would be helpful.

The image you posted points to the browser blocking, so it has to be something with how you’re embedding.


Here i have attached my code which is embedded the Kibana URL to load in the iframe,please check and get back to us if any info requires.


And to be clear, this page is being loaded as https as well?


[ https://foobar.com/ [iframe https://foobar:5601/] ]

I think what is going on is similar to this stackoverflow question. You can set the the headers in kibana.yml / opensearch_dashboards.yml with a line like server.customResponseHeaders: {"x-frame-options":"allow-from *.foobar.com"}

1 Like

Will the property supports IP Address in the kibana.yml to add

server.customResponseHeaders: {"x-frame-options":"allow-from *. "}

I think Kibana will pass it, if it’s allowed is a browser thing.