# Running in an iFrame

If the src of the iframe points to the same domain as the toplevel window then it will work out of the box.

But if the toplevel window is for example "demo1.com" and the IFrame points to "demo2.com" then a number of things need to be configured correctly to run the NGClient normally in an IFrame.

* [CSP](/guides/deploy/server-configuration/server-settings.md#content-security-policy-csp) frame-ancestors must be set to demo1.com (if a port is used that is not 80 then the port must also be given like :8080). This can be done on the admin page with the property servoy.ngclient.contentSecurityPolicy.frame-ancestors
* 3rd party cookies must be allowed for the domain "demo2.com" in the browser (this can't be controlled by Servoy, must be configured correctly in the users browser)
* The session cookie of the container (like tomcat) must be correctly configured, the "SameSite" attribute of the cookie must be set to "none", this can't be "strict" or "lax", the latter is the default when nothing is set.
* HTTPS must be enabled for that SameSite attribute value

To configure the session cookie to have the SameSite attribute set to none you need to lookup the documentation of your Servlet Container

For [Tomcat](https://tomcat.apache.org/tomcat-8.5-doc/config/cookie-processor.html) (and maybe others) this means you need to have in the WAR file a "META-INF/context.xml" file which has as content:

```xml
<Context>
   <CookieProcessor sameSiteCookies="none" />
</Context>
```

But in the browser cookies with `"none"` as SameSite can only be set when the `"secure"` is also true, so you need to run in https mode for this to work.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.servoy.com/guides/deploy/other-topics/running-in-an-iframe.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.