Bludit Community Support Forum


https://forum.bludit.org/

V 3.17.2 & Iframe

https://forum.bludit.org/viewtopic.php?t=3130

Page 1 of 1

V 3.17.2 & Iframe

Posted: Sun Feb 22, 2026 4:43 pm
by LRAM
With this new version, it is impossible to use iframes. Bludit systematically adds a sandbox that blocks their display.
I made the mistake of saving a page that contained a working iframe, and it was automatically blocked.
an Iframe with youtube or spotify or amazon music works
not with deezer, not with a file on my own website

Re: V 3.17.2 & Iframe

Posted: Wed Feb 25, 2026 9:01 pm
by indocreativemedia
Hi,

I can insert iframe without problem on my localhost, as well as here:

https://www.softaculous.com/demos/Bludit

Re: V 3.17.2 & Iframe

Posted: Thu Feb 26, 2026 10:24 am
by LRAM
Hi, thank for answering
I create a page on your demo
I added this code

Code: Select all

<iframe title="deezer-widget" src="https://widget.deezer.com/widget/dark/album/737776821" width="100%" height="300" frameborder="0" allowtransparency="true" allow="encrypted-media; clipboard-write"></iframe>
once saved, the code is modified with sandbox=""

Code: Select all

<p><iframe title="deezer-widget" src="https://widget.deezer.com/widget/dark/album/737776821" width="100%" height="300" frameborder="0" allowtransparency="true" allow="encrypted-media; clipboard-write" sandbox=""></iframe></p>
and the frame is blocked

Re: V 3.17.2 & Iframe

Posted: Thu Feb 26, 2026 4:28 pm
by indocreativemedia
When the iframe contains a "normal" webpage, then there will be no problem.

But when TinyMCE detects an iframe that:
* Looks like a media/embed provider
* Requires script execution

it treats it as "active" embedded content.

TinyMCE applies stricter handling to “active” third-party embeds because they:
* execute scripts
* may interact with user clipboard
* request media playback
* sometimes use postMessage APIs

So TinyMCE auto-injects: sandbox="", which means: deny all capabilities.

To allow deezer widget, you need to tweak tinymce plugin:

/bl-plugins/tinymce/plugin.php

Look for tinymce.init and then add this line:

Code: Select all

tinymce.init({
  ~~blablabla~~: '~~blublublu~~',
  extended_valid_elements: 'iframe[src|width|height|allow|allowfullscreen|frameborder|class|sandbox]',
});
and then add the sandbox into your iframe:

Code: Select all

<iframe title="deezer-widget" src="https://widget.deezer.com/widget/dark/album/737776821" width="100%" height="300" frameborder="0" allowtransparency="true" allow="encrypted-media; clipboard-write" sandbox="allow-scripts allow-same-origin allow-presentation"></iframe>
I haven't test this but worth to try, wish this works.
All times are UTC+02:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited