Iframe not loading in Visual Editor when using Vercel Preview Deployment url

elisamartins · December 22, 2023, 8:55pm

Builder content link

Builder public api key
f7525ed44d54419a91ab4f30a89d09a6

What are you trying to accomplish
I want to load a page on the Visual Editor but when I use a URL from Vercel Preview Deployment, the iframe doesn’t load. I tried using the Chrome Extension, using vercelPreview: true and setting nextjs headers to allow builder.io.
Here’s the error I am getting:
Refused to display ‘https://vercel.com/’ in a frame because it set ‘X-Frame-Options’ to ‘deny’.

Screenshots or video link
Video Link

Code stack you are integrating Builder with
NextJS

Reproducible code example

  const content = await builder
    // Get the page content from Builder with the specified options
    .get("page", {
      userAttributes: {
        // Use the page path specified in the URL to fetch the content
        urlPath: "/builder/" + (props?.params?.page?.join("/") || "")
      },
      options: {
        vercelPreview: true
      },
      // Set prerender to false to return JSON instead of HTML
      prerender: false
    })
    // Convert the result to a promise
    .toPromise();

sheema · December 26, 2023, 2:19pm

Hey @elisamartins I tested my vercel preview on your space. It worked fine.
Could you test the following code for the integration:

const page = await builder.get('vercel', {
    userAttributes: {
      urlPath: '/' + (params?.page?.join('/') || ''),
    }
  })
  .toPromise() || null

elisamartins · December 27, 2023, 2:59am

Hello Scheema, thanks a lot for the reply ! I am still getting the same error. Do you have any special configuration for your Vercel environment ? I tried setting the X-Frame-Options headers in my next.config.js file like but it doesn’t work.

async headers() {
    return [
      {
        source: "/:path*",
        headers: [
          {
            key: "X-Frame-Options",
            value: "ALLOWALL"
          },
        ]
      }
    ];
  },

sheema · December 27, 2023, 7:30am

Could you please share your Builder content entry link with me?

elisamartins · December 27, 2023, 5:22pm

I’m not sure what you mean. Is it this link: Builder.io: Visual Development Platform

sheema · December 29, 2023, 10:40am

Could you try with the below configuration and let me know how it goes?

async headers() {
    return [
      {
        source: '/:path*',
        headers: [
          // this will allow site to be framed under builder.io for wysiwyg editing
          {
            key: 'Content-Security-Policy',
            value: 'frame-ancestors https://*.builder.io https://builder.io',
          },
        ],
      },
    ]
  },

elisamartins · December 31, 2023, 3:54am

Hi Scheema, unfortunately I am still getting the error “Refused to display ‘https://vercel.com/’ in a frame because it set ‘X-Frame-Options’ to ‘deny’.”

sheema · January 3, 2024, 11:01am

Hey @elisamartins I can see the issue is still not resolved. Please try to set X-Frame-Options header with the value ALLOW-FROM https://builder.io. Could you please install the Builder chrome extension and check whether you have the access to builder Component. If you have updated your Vercel configuration it might be a cache issue.

spm922 · January 17, 2024, 4:03pm

I’m having the same issue with my Vercel Preview environments.

I added the vercelPreview option like this

  const page =
    (await builder
      .get("page", {
        userAttributes: {
          urlPath: "/" + (params?.page?.join("/") || ""),
        },
        options: {
          vercelPreview: process.env.NEXT_PUBLIC_VERCEL_ENV	=== 'preview',
        }
      })
      .toPromise()) || null;

I also set the CSP frame-ancestor header and X-FRAME-OPTIONS (although this is superseded by the CSP as so

  async headers() {
    return [
      {
        source: '/:path*',
        headers: [
          // this will allow site to be framed under builder.io for wysiwyg editing
          {
            key: 'Content-Security-Policy',
            value: 'frame-ancestors https://*.builder.io https://builder.io',
          },
          {
            key: 'X-FRAME-OPTIONS',
            value: 'https://*.builder.io https://builder.io',
          },
        ],
      },
    ]
  },

I have the Builder Chrome extension and it has access to the builder Component.

This is what I see in the Builder Editor

My production Vercel deployment works as expected.

spm922 · January 17, 2024, 4:18pm

It appears that Vercel is throwing a 401 Unauthorized Error to Builder. I assume my user session isn’t being passed properly from my browser via the Builder editor to authenticate to my preview deployment.

sheema · January 19, 2024, 2:51pm

Hey @spm922 please share your Builder content entry link with me to investigate the issue further.

Topic		Replies	Views
Can no longer access builder visual editor or localhost on dev server - iframe doesn't exist Technical Questions visual-editor , nextjs	3	238	September 12, 2023
Not receiving encoded data to use in Vercel live preview Technical Questions	4	252	October 3, 2023
Preview Load Error Visual Editor Help	2	43	March 30, 2024
403 Error in Editor Bugs react , nextjs	1	503	March 15, 2022
Builder.io Editor lag Visual Editor Help visual-editor , react , nextjs	10	283	January 9, 2024

Iframe not loading in Visual Editor when using Vercel Preview Deployment url

Related Topics