Community
OpenEnergyMonitor

OpenEnergyMonitor Community

Emoncms (on emonpi) - problem in iframe for dashboard

I have been running an internal website with a page with an iframe on it displaying a dashboard.
It always worked.
However, since an update of chrome i’m having a problem:

  • viewing the dashboard directly works (http://ipofemonpi/emoncms/dashboard/view?id=44&embed=1)
  • viewing the same url in an iframe does not work. I have the folowing problems:
    — i cannot login (keeps aksing for login) ==> set the dashboard as public solved this
    — the dials/graph do not load. The developper console gives this error: “review config for feed id of dial”

any idea’s how to fix this so it works on chrome (an as such on my android phone?)

Traced the problem to the sameSite cookie changes in chrome…
Does anyone know how i can change this on a 9.8.25 version ? (i know its old, but a bit afraid to upgrade it since its running fine…

I upgraded to the last version of emonpi, but the problem with the dashboard not working in an iframe from a different raspberry pi. (on android and chrome on windows, firefox is working ok)
I tried googling for a solution, but i couln’t find one (i understood)…

Hello @promy have you tried using the read apikey in the iframe URL? that should disable any use of cookies I think. Perhaps it will get around the sameSite issue?

I tried it, but no luck.
If i use the “&readkey=XXX” (with XXX the correct readkey) and the dashboard is public ==> i get an error (see below).
If i set the dashboard as “not public” ==> it asks for a login, but never accepts it (no error, just reload the same site askin for login.)
If it should matter: i use embed=1

Is the iframe within an https page?

No, its a standard http (actually a php file running on a apache2 on a raspberry pi.)
To get it to work in chrome i must change both the following setting in chrome (changing only one does not work):
chrome://flags/#same-site-by-default-cookies ==> “samesite by default cookies” : disabled
chrome://flags/#same-site-by-default-cookies ==> “Cookies without SameSite must be secure” :disabled