From ca6af92ca061ec5d416cbf42b49bf90275821504 Mon Sep 17 00:00:00 2001
From: Tony Pushmore <tony@surfly.com>
Date: Thu, 16 Oct 2025 21:55:24 +0200
Subject: [PATCH 1/2] Provide iframe embed solution

---
 docs/widgets/iframe/index.mdx | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/docs/widgets/iframe/index.mdx b/docs/widgets/iframe/index.mdx
index 78783a00..b03b9ac4 100644
--- a/docs/widgets/iframe/index.mdx
+++ b/docs/widgets/iframe/index.mdx
@@ -42,8 +42,12 @@ for security reasons, as users could easily be tricked
 by embeding the original site on a malicious page.
 
 Some proxies disallow iframes by default for this reason.
-You can use https://iframetester.com/ to check, if the site is allowing iframes.
-If you manage all of your own applications, you can usually change that.
+You can use https://iframetest.com/ to check, if the site is allowing iframes.
+If the website doesn't allow iframes, you can use a free proxy-based solution
+like https://webfuse.com/+iframetest/?url=https%3A%2F%2Fgithub.com.
+
+If you manage all of your own applications, you can usually change that by configuring
+the appropriate headers (such as `X-Frame-Options` or `Content-Security-Policy`) to allow iframes.
 
 ### Example URLs
 

From f6deae6b3be19c4daef2239a42766ac14c6c65cd Mon Sep 17 00:00:00 2001
From: Tony Pushmore <161847159+tonysurfly@users.noreply.github.com>
Date: Thu, 23 Oct 2025 10:54:47 +0200
Subject: [PATCH 2/2] Update index.mdx

---
 docs/widgets/iframe/index.mdx | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/docs/widgets/iframe/index.mdx b/docs/widgets/iframe/index.mdx
index b03b9ac4..5be26f3b 100644
--- a/docs/widgets/iframe/index.mdx
+++ b/docs/widgets/iframe/index.mdx
@@ -42,13 +42,25 @@ for security reasons, as users could easily be tricked
 by embeding the original site on a malicious page.
 
 Some proxies disallow iframes by default for this reason.
-You can use https://iframetest.com/ to check, if the site is allowing iframes.
-If the website doesn't allow iframes, you can use a free proxy-based solution
-like https://webfuse.com/+iframetest/?url=https%3A%2F%2Fgithub.com.
+You can use https://iframetest.com to check, if the site is allowing iframes.
 
 If you manage all of your own applications, you can usually change that by configuring
 the appropriate headers (such as `X-Frame-Options` or `Content-Security-Policy`) to allow iframes.
 
+For example, to allow your site to be embedded in iframes from specific domains:
+
+**Apache (.htaccess or httpd.conf):**
+```apache
+Header set Content-Security-Policy "frame-ancestors 'self' https://trusted-domain.com"
+Header set X-Frame-Options "ALLOW-FROM https://trusted-domain.com"
+```
+
+**Nginx:**
+```nginx
+add_header Content-Security-Policy "frame-ancestors 'self' https://trusted-domain.com";
+add_header X-Frame-Options "ALLOW-FROM https://trusted-domain.com";
+```
+
 ### Example URLs
 
 - **Wikipedia homepage:** https://en.wikipedia.org/wiki/Main_Page