What has changed with the 3.10.x release version?
In order to have the ITONICS Innovation OS as stable and secure as possible, we have implemented a strict content header policy with the 3.10.0 release that prevents the embedding of iframes from external domains into rich text fields.
How does it affect your system?
All embeds from external domains get blocked and need to be whitelisted. With the 3.10.8 release, we have implemented a default whitelist of embeddable domains:
- https://forms.office.com
- https://miro.com
- https://www.player.vimeo.com
- https://www.surveymonkey.com
- https://*.sharepoint.com
- https://sharepoint.com
- https://www.youtube.com
How to add additional domains to the whitelist?
If you would like to add additional external domains to the whitelist on your system, please contact the ITONICS Helpdesk (support@itonics-innovation.com).