TABLE OF CONTENTS

• Using a Website/iFrame block:
• Hosting your Own Embed Site:
• Refresh Data:
• Troubleshooting:
  • Page Refuses to Connect:
  • Content-Security-Policies (CSP):
  • Page Requires a Session Cookie:
  • Webpages Requiring Login:

With your Paid Subscription and Custom Screens, DAKboard contains functionality to embed Secure HTTPS websites into an iframe that permits embedding.  This must be hosted so that it can be accessed via the internet and will not work within a local network. This will allow you to connect content to other sources and diversify your screen.

WARNING:  Embedded sites may be able to view the address of your private URL.  DAKboard takes certain measures to protect against malicious code via iframe but cannot validate that the iframe site you enter is free of all security risks.  Only embed websites that are trustworthy and handle data securely.

Using a Website/iFrame block:

Create a Block for 'Website/iframe in your custom screen.

Enter the website to embed, a refresh interval, and size the block to a desired location and size.  Please note that HTTP sites cannot be embedded, only HTTPS sites may be used.

Hosting your Own Embed Site:

If you want to host your site to embed, you will need to make sure it can be accessed from the Internet and it is on a Secure site using HTTPS. You can do this by using a web hosting service that sets up secure sites, or you can set this up on a personal server. 

If you do this from a personal server, you can use self-signed certification, but you must make sure it stays valid if you want the embed to continue working. This method is only recommended for users with the knowledge to create and maintain a website and security certs. DAKboard is not responsible for anything that will happen to this site or its data using this method and cannot support you in setting up your site. 

Refresh Data:

With the new settings option Refresh Data, you can use the Automatic refresh rate determined by the site you are embedding, or you can set a manual refresh rate to send a call to your service. These refresh rates can be seen below:

Be aware, these rates are still limited to the refresh rates the Site will allow. If the site in question only updates once an hour, setting your Refresh Data speed faster than that will not gather the data quicker and may lead to the site giving you a 429 Too Many Requests error. Make sure your refresh rate is set to be slower than the website's automated refresh or leave it set to Automatic instead.

Troubleshooting:

Below are some Common issues you may see when trying to embed a site and how to determine if the Site can be embedded with DAKboard.

Page Refuses to Connect:

If your HTTPS page refuses to connect a gray page with a sad face will be shown, this is due to security implemented on the hosting site's web server which can only be changed by the website administrator.  DAKboard cannot in any way override this to display your page.  You cannot add pages that first require you to log in to view unless you have access to your display device to authenticate to the page first as well.

To identify if the page permits embedding, open your configured DAKboard screen URL and open the developer console on your browser (F12 in Chrome for example), then refresh the page.  Click the Console tab, or the red error icon in the top right to display the page errors as shown below:

The following headers will prevent access :

X-Frame-Options: SAMEORIGIN

X-Frame-Options: DENY

And this header to allow access:
X-Frame-Options: ALLOW-FROM [uri]

Content-Security-Policies (CSP):

The CSP is the name of an HTTP response header that all modern browsers use for enhanced security. The Site owner controls these and can prevent the embedding of a site into the DAKboard screens. For more information on CSP check out the article from https://content-security-policy.com/. This includes information to explain better why these types of sites may not embed, and how to test a site to see if it will respond with a method to block embedding. 

Page Requires a Session Cookie:

It was found that some web pages and widgets require session cookies to be able to establish and maintain a connection to the site. Since the Chromium setup on DAKboard uses incognito mode, these types of session cookies will not load or remain whenever a screen is updated or a DAKboard is rebooted. This was done for consistency reasons but can be changed to allow for specialty items. Here are the steps to resolve the issue:

• Start by plugging a USB mouse and keyboard into your DAKboard OS device.
• Press ctrl+alt+t to open a terminal session
• Depending on your model and OS versions type one of the following to edit the Chromium shell script:
  • Orange Pi CPU/Wall Display OS version 103.42 and below: 
    • sudo nano /home/orangepi/startup/chromium.sh
  • Raspberry Pi CPU/Wall Display OS version 3.42 and below:
    • sudo nano /home/pi/startup/chromium.sh
  • All CPU and Wall Displays versions 3.50 and above:
    • sudo nano /home/dakboard/startup/browser.sh 
• Remove the --incognito /  line from anywhere you find it in the Script
• Press ctrl+x then the Y to save the file then ENTER
• Then from the terminal cursor type sudo reboot or unplug and replug the device to reboot your system

It may be possible to use a mouse and keyboard or touchscreen to log into a site embedded in an iFrame on the DAKboard OS. However, some pages will require active session cookies (see Page Requires a Session Cookie), or will require frequent login checks, and/or may update their login policies and pages which could prevent this from working or cause it to fail after the initial successful login. Unfortunately, there is nothing we can do if the website you are using makes these changes.

We recommend trying the steps for Session cookies above to see if this fixes the issue. If not, you will have to reach out to the hosting site to see if they allow embedding, or you will have to find another site to use.