STF in iframe

[KingRat0011]

I'm using STF with the docker container setup and Nginx as specified in the https://github.com/DeviceFarmer/stf/blob/master/doc/DEPLOYMENT.md
I'm trying to embed this in an Iframe from another application running php

<iframe src="https://xxx.xxx.xxx.xxx/?jwt=xxxxxxx.xxxxxxx.xxxxxx#!/control/RFCW20AV6NZ/"width="1200" height="1200" ></iframe

It works in a normal tab in Chrome, but in the Iframe it takes me to the main login page

If I try to login using the Iframe, I get this error in the docker logs for stf-auth-3200
ForbiddenError: invalid csrf token at csrf (/app/node_modules/csurf/index.js:112:19) at Layer.handle [as handle_request] (/app/node_modules/express/lib/router/layer.js:95:5) at trim_prefix (/app/node_modules/express/lib/router/index.js:328:13) at /app/node_modules/express/lib/router/index.js:286:9 at Function.process_params (/app/node_modules/express/lib/router/index.js:346:12) at next (/app/node_modules/express/lib/router/index.js:280:10) at /app/node_modules/body-parser/lib/read.js:137:5 at AsyncResource.runInAsyncScope (node:async_hooks:202:9) at invokeCallback (/app/node_modules/raw-body/index.js:238:16) at done (/app/node_modules/raw-body/index.js:227:7) at IncomingMessage.onEnd (/app/node_modules/raw-body/index.js:287:7) at IncomingMessage.emit (node:events:539:35) at endReadableNT (node:internal/streams/readable:1345:12) at processTicksAndRejections (node:internal/process/task_queues:83:21)

The JWT token works from a normal tab, IE just clicking the link

Does anyone have any ideas on this please, I used to build stf with the npm install instructions (and running on http with apache) and then the php application and iframe worked, but with the docker build, it changes to https and nginx

Please, please any ideas, I've been trying to get this to work for weeks now

[csdaa]

Do you want to nest STF with IFrame on a php page?

[KingRat0011]

Hi @csdaa
Yes that is correct, I want to show STF in an Iframe using PHP