this is very excellent. I think I’d really like to get aus dev to have a look over it and a chat and discuss best plan, to make sure direction isn’t cutting anything of. @lin_d_hop were you going to organise a hangout time like we did with bulk uploader? seems like quite pressing as @Matt-Yorkley is ready to get on with it! Definitely include @oeoeaio and I think @maikel as well, is that ok @danielle?
Slight snag with our HTTP header options: apparently we don’t currently allow iframes. Not sure if this is a Rails setting or a server thing.
Load denied by X-Frame-Options: https://openfoodnetwork.org.uk/stroudco/shop does not permit framing.
By jingies @Matt-Yorkley, a deadline of May 29th. That’s a tricky one to navigate…
Ok, could you list the MVP set of requirements for your May29th deadline please? Perhaps this can make our phase one and we add features as we go, based on the outcome of the May 10th chat.
To my understanding…
It should include:
- Shopper can login to OFN via iframe (OFN login, not an integrated login)
- Shopper can order from the single hub via iframe
- Shopper can checkout via iframe
- Shopper can view their account via iframe
It does not need to include:
- Any functionality for the hub, they can visit ofn main site
- Any other navigation with the iframe. In fact this should actively be disabled.
- White-labelling emails. Emails can still come from hello@ofn.
- Removal of OFN branding. This is not a total white-label for the embedding enterprise.
That looks good. The main blocker at the moment is a simple change in Rails settings to allow pages to be embedded in iframes, outlined here: https://jerodsanto.net/2013/12/rails-4-let-specific-actions-be-embedded-as-iframes/
It’s one line of code:
response.headers.delete "X-Frame-Options", which needs to be added on the before render action of whichever controller actions we want to make embeddable.
It’d be good if we could get something like this pushed and merged relatively quickly, because I can’t even test an iframe or tinker with it at the moment. Everything else isn’t really urgent but obviously would be nice to have at some point.
So after a brief chat the outline is:
- An admin checkbox for “enable embedded shopfronts”
- A general helper method (enable_iframes) that checks the admin setting is enabled, then unblocks iframe use with the line of code above
- The method gets called selectively on the necessary controller actions using
This feature would be very helpful!
@farmtech this feature is in fact deprecated.
Ok thank you @lin_d_hop for letting me know. So its not on the roadmap for future use? Or something that will get revisited at some point?
Thanks in advance!
Not using iframes. We’ll probably focus on API functionality that will enable people to code their own front ends and then explore plugins. Probably the need will come from integrating with POS first.
If you want to share any other thoughts on successful embedding feel free.
OK thank you @lin_d_hop that makes total sense.