SuiteCRM8 embedded as an iFrame not working

Hi All.
I have been struggling now for days to find a solution and coming up empty. Every time I think I have found it… turns out not.

I had this working no problem on SuiteCRM7 but after upgrading / migrating to 8 it does not work.
I have tried various Cross domain headers on my webserver but it still fails with a 403 forbidden when accessing https:///api/graphql and seems to start referencing a polyfills page error.

I can access the site perfectly okay when direct, so I believe it has something to do with a CORS or same-source.

There is some sort of Angular / Symfony element at play, but trying to find the correct file(s) is challenging. I have tried making changes to .env file with no luck

Does anyone by chance have an actual working version of SuiteCRM8 where it is embedded as an iframe in a different URL? and if so do you have details of what values you needed to enter in which override to make this work ?

i have reviewed multiple pages (both SuiteCRM and others) that have what sound like similar issues but none of the fixes have worked.

My environment is Debian 12, Apache2 PGP8.2 but I have also tried with NGINX with the same result.

Any insight will be helpful


bump… can someone post a github request to get iframe to work on suite8.

I have it working, but depending on what release of 8 you are working on, you need to do some manual modifications to some files and you also need to download a newer SugarApplication.php that was fixed.

Details of the manual mods I did as well as the Dev fixed file are available through the posts below. the xsrf-token-lax issue has not been addressed yet by Dev, so if you manually update it, be aware for upgrades.
Hope that helps you.

Thank you for your response and contribution to the community. I have the latest suitecrm8.6 which suitecrm version does this work for?