Embedding Issues
Third-Party Cookies
Modern browsers often block third-party cookies, which are essential for services like GoodData when embedded in another website or application. If you disable these cookies, you might have trouble accessing GoodData Portal within an embedded window. Dashboards will not display until you enable third-party cookies in your browser.
When integrating GoodData via an iframe, use a white-labeled GoodData version with a matching domain to your hosting application (e.g., analytics.example.com for example.com). This prevents cookie-related issues and is recommended unless you opt for operations exclusively through the React SDK.
If you are using React components, no changes are necessary. The embedded code isn’t hosted on a third-party server, so it will not be affected.
Alternatively, if changing the domain name is not suitable, you will need to enable partitioned cookies.
Embedding in Google Chrome
In Version 80, Google Chrome changed the default value of the SameSite
cookie.
- Before Version 80, the
SameSite
cookie defaulted toNone
. - In Version 80, the default was changed to
Lax
.
This allows the cookie to be sent only with the top-level navigation. As a result, third-party cookies cannot be set. Because embedding GoodData relies on third-party context, embedded GoodData objects (for example, KPI Dashboards or Analytical Designer) may have become unavailable. To address those changes, we hardcoded the SameSite=None
attribute within the GoodData platform.
Some user agents are known to be incompatible with the SameSite=None
attribute (for details, see SameSite=None: Known incompatible clients). If you have issues with embedded GoodData objects in Google Chrome, try the following:
- Upgrade your browser to the latest version.
- If possible, use a different browser. For the list of supported browsers, see System Requirements and Supported Browsers.
For Chrome browsers Version 79, you can simulate the behavior of Version 80 that enforces the SameSite check. To do so, go to chrome://flags/
and enable the SameSite by default
cookies.
For more information, see the following articles:
- Chrome Platform Status: Reject insecure “SameSite=None” cookies
- SameSite cookies explained: Secure your site by learning how to explicitly mark your cross-site cookies
Embedding in Safari
Safari blocks all third-party cookies by default. GoodData relies on third-party cookies to authenticate users when its offerings are embedded in another web page. Due to the GoodData implementation, Safari views embedded GoodData dashboards as third-party cookies.
If you have issues with embedded dashboards in Safari, navigate to the dedicated resource from your site. This dedicated resource sets a special cookie named GDCCookiesFix
with one year validity from the GoodData domain and redirects calls back to your site based on the Referer HTTP header.
Ensure that the dedicated resource is called only once, or the access will result in a loop.
In the example below, the dedicated resource is https://GoodData_URL/cookiesFix.html
. Remember to use the required URL address for this.
Example:
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<title></title>
<meta name="copyright" content="Copyright © 2008 - 2019 GoodData Corporation. All rights reserved.">
</head>
<body>
<iframe frameborder="0" src="EMBEDDED_DASHBOARD_LINK" width="100%" height="808px" allowTransparency="false"></iframe>
<script>
var createCookie = function(name, value, days) {
var expires, date;
date = new Date();
date.setTime(date.getTime()+(days*24*60*60*1000));
expires = "; expires="+date.toGMTString();
document.cookie = name+"="+value+expires+"; path=/";
};
var safariFixCookie = "safari_fix";
var is_safari = /^((?!chrome|android).)*safari/i.test(navigator.userAgent); // safari detection
if (is_safari) {
if (document.cookie.indexOf(safariFixCookie) == -1) {
createCookie(safariFixCookie, 'fixed', 365);
window.location.replace("https://GOODDATA_URL/cookiesFix.html");
}
}
</script>
</body>
</html>
If this does not help, explicitly enable third-party cookies in your browser.
Enabling Cookies in Your Browser
Explicitly enable third-party cookies in your browser. For specific instructions in enabling cookies, see user documentation for your browser. Instructions may differ depending on the version of the browser and your operating system.
For more information, see Known Issue: Blocking Cookies May Make Embedded GoodData Inaccessible.
Enabling Partitioned Cookies
Google announced that later in the year 2024, the Google Chrome browser may drop support for third-party cookies, a change explained in this Google blog post. This could pose challenges for users who embed GoodData content within their web apps through iframes, if they did not whitelabel their GoodData domain to be in aligned with their main app’s domain. Up until now, these third-party cookies were key for logging in and accessing GoodData’s features smoothly, and this approach would no longer be possible.
GoodData is adapting to this planned change, by offering the option to use partitioned cookies for iframe embedded content, to maintain functionality without enabling cross-site tracking. This change, recommended by Google, allows GoodData services embedded in applications to save their state in a separate cookie jar, partitioned by the top-level site, ensuring user authentication and content access within the same iframe context
To enable partitioned cookies, see Enable Partitioned Cookies.