How To Restrict Iframe Access to Specific Domains

Link: https://support.brilliantdirectories.com/support/solutions/articles/12000104163

A new Advanced Setting has been introduced: Whitelist Domains Allowed to Iframe This Website. This setting provides control over which external domains are permitted to embed content from the website using an <iframe>.


Enabling this feature enhances security and ensures better management of where website content can be displayed externally.



Available Options


This setting has three available option values, each offering different functionality to control iframe access: All, None, and Specific Domains.

1. All (Default)

  • Allows all external domains to embed the website in an iframe.

  • Suitable for websites intended to be widely embedded without restriction.

2. None

  • Prevents all external domains from embedding the website in an iframe.

  • Ideal for cases where iframe embedding is not permitted for any third party.

3. Specific Domains

  • Grants access only to a list of approved domains.

  • Requires a comma-separated list of allowed domains.

  • Supports various URL formats, including:

    example.com, www.example.com, https://example.com, https://www.example.com, http://example.com, http://www.example.com

  • Appropriate for allowing iframe access from trusted or controlled domains only.