Iframe. Same Origin Policy Issue. Heroku

Sergei · November 15, 2018, 2:52pm

Hi everyone, I’m new to Metabase. But I already have some questions)

I’m running Metabase on heroku - https://analytics.xxxxxxx.com. Besides I have a primary application which is running on heroku as well - https://members.xxxxxxx.com.
I’ve created a dashboard in Metabase and put it to the my primary application via iframe, and it works fine.
I’ve noticed that I can’t change background-color of the dashboard(iframe) to make it suitable for the primary application design. I’ve tried to change background-color property using a javascript, but it didn’t work, because of the Same-origin policy http://take.ms/Xtdts which restricts any actions for embedded iframe even if the parent domain is identical. Besides I want to get rid of the empty space below widgets on a dashboard, but I can’t do it for the same reason.

Has anyone done anything similar? is there some workarounds for my case?

Any help will be greatly appreciated.

AndrewMBaines · November 15, 2018, 3:11pm

If you’re changing colours, it’s much easier to recompile. The way metabase uses css scatters bits all over the place. In the source, it’s nice and tidy to edit.
There is a hack you can do to avoid the iframe problem, but it reduces security. I just embed the dashboards and live with the reduced functionality.

Sergei · November 15, 2018, 3:54pm

@AndrewMBaines thanks for the reply.

If you’re changing colours, it’s much easier to recompile.

I haven't understood it clearly. How can I recompile it if Metabase runs on heroku?

AndrewMBaines · November 15, 2018, 4:55pm

Sorry, I’ve no idea how to work with heroku. I’ve been recompiling to a jar.

Sergei · November 15, 2018, 5:26pm

@AndrewMBaines thanks, anyway)