function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
abu saleh khan 8abu saleh khan 8 

How to embed sharepoint login page in a lightning component

Hi Team,

I want to embed sharepoint login page in a lightning component. I can embed few websites but i want to get sharepoint login page to the component.User-added image


<aura:component implements="force:appHostable,flexipage:availableForAllPageTypes,flexipage:availableForRecordHome,force:hasRecordId,forceCommunity:availableForAllPageTypes,force:lightningQuickAction" access="global" >
    <iframe src="https://wrgrace.sharepoint.com/sites/dev-MXTest14"
            width="100%"
            height="500px"
            sandbox="allow-same-origin allow-scripts allow-forms"
            scrolling="auto"/>
</aura:component>

<aura:application extends="force:slds">
    <c:WebPageEmbed/>
</aura:application>
Khan AnasKhan Anas (Salesforce Developers) 
Hi Abu,

Greetings to you!

You are getting an error in console log: “Refused to display ‘https://wrgrace.sharepoint.com/sites/dev-MXTest14’ in a frame because it set ‘X-Frame-Options’ to ‘sameorigin’.“

This is because of clickjacking. ClickJacking is a technique used for hacking. Clickjacking, also known as UI redressing, is in the click fraud category and is a method used by criminal hackers to make users unknowingly perform certain actions by clicking on buttons or links. The objectives of clickjacking include the control of other people’s PCs as well as the redirection of users to paid content or fraudulent websites.
On the ClickJacked page, the users think they are clicking buttons corresponding to the bottom layer, while they are actually performing actions on the hidden page on top.

Try disabling the below setting and see if it works. This is not recommended but only a temporary workaround.

User-added image

Please refer to the below links which might help you further.

https://getthekt.com/salesforce-com-refused-to-display-httpsomewebpage-in-a-frame-because-it-set-x-frame-options-to-sameorigin/

https://www.forcetalks.com/blog/clickjack-protection-for-salesforce/

https://trailhead.salesforce.com/en/content/learn/modules/secdev_application_logic_vulnerabilities/secdev_app_logic_clickjacking

I hope it helps you.

Kindly let me know if it helps you and close your query by marking it as solved so that it can help others in the future. It will help to keep this community clean.

Thanks and Regards,
Khan Anas