CRITICAL SECURITY VERSION UPDATE:
https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.13

Advanced Module with an iframe

almostcompletelyalmostcompletely
in Modules

My advanced module is basically a wrapper for a standalone php application.
The ./views/_admin/main.php default view file contains an iframe which points to ./modules/mymod/third_party/launcher.php
When run through Fuel, the iframe returns a "403 Forbidden: You don't have permission to access this resource." error. I guess that's a Fuel security thing?
Is there any way to get iframes within a module to work?

Comments

  • adminadmin

    That seems more like a module specific permission error. I can't think of anything that FUEL is to prevent iframes like that. You will need to have a proper session and permissions to view the page though (which it looks like based on the error, is what is happening).

  • almostcompletelyalmostcompletely

    pulling the launcher out of the fuel directory structure makes it work.
    I was hoping to use Fuel permissions to handle access to the tool, hence the advanced module.
    The same error exists for any iframe content within modules - eg. if the iframe points to a flat HTML file that just says "hello world".
    I'm testing as a superuser so should have fuel permissions? I'll add one and see what happens...

Sign In or Register to comment.