Hi Everyone!
I have a question about enabling iFrames in your bubble app. We’ve had a request from a customer to enable iFrames so that they can embed our app into their main app. We currently have this feature blocked.
This use case makes sense as we offer a marketing tool that many agencies use and allow access for their clients. It is whitelabeled and some users use their own vanity domains to access it, so understand that some customers might want this sort of function.
My question is, is there any risk to the security of our app if we allow iframe embedding? We are vigilant with ensuring privacy settings are on our database but some of my reading on google suggests that it can pose an additional security risk?
Is there a better way I should consider to allow customers achieve something like this, widgets etc.?
Thanks in advance for your help and thoughts.
Best,
Kim