Embed a CML application in an external website
You can embed a CML application into an I-frame on a web page. You need to specify the
frame-ancestor attribute, otherwise the browser security policy will prevent the
application from rendering in the page.
The frame-ancestor attribute prevents "Clickjacking" attacks by specifying which domains are
allowed to provide embedded content to your site. To enable a domain to embed a CML application,
set the environmental variable CDSW_FRAME_ANCESTORS to cointain one or more
websites as follows:
- The name of the embedding website, specified in
host-sourceform. - You can specify multiple websites as a comma-separated list.
You can set the environmental value in .
For more information on host-source form, see: CSP: frame-ancestors.
