Hi,

To prevent this you can specify key,url pairs. Not sure this is feasible to specify all your urls here. 

If you like a custom solution for this please contact me.

Best regards, Michael

Hi Michael, 

We want a kind of whitelist.

The url is like:

https://bakkerboer.nl/webshop/?page=/assortiment

What we want to allow is:

?page=/assortiment
?page=/aanbiedingen
?page=/CheckoutShoppingCart
?page=/CheckoutSignOn
?page=/CheckoutOrderDeliveryMethod
?page=/CheckoutPickupLocation
?page=/CheckoutPickupDateTime
?page=/CheckoutPaymentMethod
?page=/CheckoutOrderSummary
?page=/CheckoutPaymentMollieAPI

And maybe more in the future.

With this whitelist we want to prevent to load other sites within the iframe

So this must NOT be possible:

https://bakkerboer.nl/webshop/?page=//https://www.tinywebgallery.com/blog/advanced-iframe

Kind Regards,

Dave Everaers

Hi, 

you can configure this already . You can specify key value pairs. If key=value then only this ones are allowed.

Does this solve your problem?

Best regards, Michael

It is actually the same setting:

You can map an url parameter value pair to an url or pass the url directly which should be opened in the iframe. If you e.g. have a page with the iframe and you like to have different content in the iframe depending on an url parameter than this is the setting you have to use. You have to specify this setting in the following syntax "parameter|value|url" e.g. "show|1| https://www.tinywebgallery.co m". If you than open the parent page with ?show=1 than https://www.tinywebgallery.com is opened inside the iframe. You can also specify several mappings by separating them by ','.

you should not use reserved words: https://codex.wordpress.org/Reserved_Terms

so page is not good.

So one example with 2 elements with "show" is

show|/assortiment|/assortiment,show|/aanbiedingen|/aanbiedingen

?show=/assortiment will then link to /assortiment only

Best regards, Michael