
Getting Error "CSRF token mismatch! We tried it, but failed when requesting data to the server."

Posts: 2
Topic starter
(@mbreti3gut)
New Member
Joined: 4 years ago

Hi,

I want to iframe my own external website into my main WordPress membership site. The iframe shows the login page of that website, even though I have an active login session in my browser. When I try to log in to it, it shows an error saying "CSRF token mismatch! We tried it, but failed when requesting data to the server."

Can you please show me the full workaround for how to bypass all this? Ideal would be to autologin into the dashboard of that website to avoid double login.

Thank you in advance!

TinyWebGallery
Posts: 923
Admin
(@admin)
Prominent Member
Joined: 16 years ago

I assume you have a cookie issue here. In the iframe you need Secure + SameSite=None cookies. Can you check if this is the case? Press F12 - the browser console will tell you if you have this issue.

A possible solution can be found here: https://www.tinywebgallery.com/blog/advanced-iframe/advanced-iframe-pro-demo/how-to-use-the-samesite-cookie-fix

Part of it is in my next release. Part you can also do in your .htaccess or by fixing your code.

Autologin has nothing to do with the iframe. This you have to implement by yourself.

Best regards, Michael

Posts: 2
Topic starter
(@mbreti3gut)
New Member
Joined: 4 years ago

Let me explain a little more:

I have my WP membership site: example1.com

I have another WP site: example2.com

And I have a non-WP site: app.example2.com (a subdomain of example2.com)

Now, I want to embed app.example2.com into both websites. On example2.com it works perfectly, but on example1.com it shows that error. I think it has something to do with it being an external domain.

TinyWebGallery
Posts: 923
Admin
(@admin)
Prominent Member
Joined: 16 years ago

Check my last post. Have you checked the browser console? Different domains can always be a cookie issue...

Best regards, Michael

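The cookie check described in the replies above, as an added example that is not part of the original thread or the plugin's code: it evaluates a session cookie's `Secure` and `SameSite` attributes for the two embedding sites named in the thread. The cookie name and `Set-Cookie` values are constructed, and "site" is approximated as the last two host labels.

```javascript
// Added example. Constructed Set-Cookie headers; the cookie name is hypothetical.
// Assumptions: all pages are served over HTTPS, and a "site" is approximated as
// the last two host labels (real browsers use the Public Suffix List).
function siteOf(host) {
  return host.toLowerCase().split('.').slice(-2).join('.');
}

// Extract only the attributes that matter for cross-site delivery.
function parseSetCookie(header) {
  const [nameValue, ...attrs] = header.split(';').map((s) => s.trim());
  const cookie = { name: nameValue.split('=')[0], secure: false, sameSite: null };
  for (const attr of attrs) {
    const [key, value = ''] = attr.split('=');
    if (key.trim().toLowerCase() === 'secure') cookie.secure = true;
    if (key.trim().toLowerCase() === 'samesite') cookie.sameSite = value.trim().toLowerCase();
  }
  return cookie;
}

// Decide whether a browser applying the SameSite rules (missing attribute = Lax)
// attaches the cookie to requests from frameHost embedded in a page on topHost.
function sentInIframe(setCookieHeader, topHost, frameHost) {
  const c = parseSetCookie(setCookieHeader);
  if (siteOf(topHost) === siteOf(frameHost)) {
    return { sent: true, reason: 'same-site embed: SameSite does not restrict it' };
  }
  if (c.sameSite !== 'none') {
    return { sent: false, reason: `cross-site embed and SameSite=${c.sameSite || 'Lax (default)'}` };
  }
  if (!c.secure) {
    return { sent: false, reason: 'SameSite=None without Secure is rejected' };
  }
  return { sent: true, reason: 'SameSite=None; Secure is allowed cross-site' };
}

const current = 'app_session=abc123; Path=/; HttpOnly';                       // constructed
const fixed = 'app_session=abc123; Path=/; HttpOnly; Secure; SameSite=None';  // constructed
for (const top of ['example2.com', 'example1.com']) {
  for (const [label, header] of [['current', current], ['fixed', fixed]]) {
    const r = sentInIframe(header, top, 'app.example2.com');
    console.log(`${top} [${label}]: sent=${r.sent} (${r.reason})`);
  }
}
```

A browser configured to block third-party cookies drops the cookie in the example1.com embed regardless of these attributes.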