====== Web Zone prerequisites ======


===== Introduction =====

zebrix allows you to integrate an existing website into your pages. However, the functionality of this feature is dependdent on a variety of factors outside Zebrix, over which has no control. Zebrix just displays the content or not, depending on the parameters of the Web site.

<WRAP center round info 80%>
We can not guarantee the proper display of external web content on your screens, just as we can not guarantee the proper operation of your zebrix screen when these third-party content is displayed.
</WRAP>


This guide lists a bunch of the most common problems our users have and possible solutions to these problems.

**  - The site I'm trying to view does not appear in the Page Editor or in the Page Preview, but works on the screen**

The zebrix CMS is secured by the HTTPS protocol, it limits the possibilities that your password or other private information can be intercepted by a malicious person.

When you try to display a non-secure website (whose address starts with http: // and not http ** s **: //), your internet browser forbids this "non-secure" site displays in the secure page editor because of its security policy. (All internet browsers work this way).

You can therefore preview in the page editor your sites only if they are in https. However, this should not be a problem on your screens, which are connected to http (the default).

<WRAP center round important 80%>
It is possible to access to Zebrix in http (non-secure), you can then preview your non-secure site in the page editor, but we strongly advise against accessing Zebrix in an unsecured way.
</WRAP>

**  - The site i integrated in a page is not displayed, neither in the zebrix interface nor on the screens**

Some sites forbid to be integrated into another site. This option is usualy set by the developer or administrator of the website you are trying to integrate. 
It is actualy a common recommanded setting for security reason.

This prohibition is defined by an http header set by the web server and taken into account by your web browser (and the integrated one into the display).
One of these two following headers (or both) could prevent the web content to be displayed in the page editor or on the screen:

There are different options, such as "SAMEORIGIN" which only allows iFrames from the same domain, and "DENY" which completely blocks iFrames.

  - "X-Frame-Options" (considered as deprecated my most recent web browsers)
  - "Content-Security-Policy"

{{public_media:x-frame-options-sameorigin.png?nolink|}}

In the example above, the X-Frame-Options only allow website having the same domain (same origin) to embed it. As zebrix is considered as a different website (other domain name), the zebrix domain name has to be added in a whitelist.

Here is how the **X-Frame-Options** header can be set :

<code>X-Frame-Options: Allow-From *.zebrix.net;</code>

Here is how the **Content-Security-Policy** header needs to be adjusted:

<code>Content-Security-Policy: frame-ancestors 'self' *.zebrix.net;</code>

**  - The site I want to embed in my page displays ads or messages in the foreground, how can we make them disappear ?**

Unfortunately, when you integrate a website in a web area, you are dependent on the content imposed by this website.

**  - The SAMSUNG screen freezes on the page that integrates the website I chose to display or, worse yet, it crashes or restarts**

Unfortunately, we can not guarantee the proper functioning of a screen on which you integrate third-party web content that uses HTML, CSS, Javascript, Flash or other code that is not supported by the screen

But for some cases, if you're using a NUC, the firmware version could be the cause, is so, please contact our support : support.ds@manganelli.com

** - The site I embedded in a page does not display or displays badly on the screens **

Sandboxes are browser features that allow you to restrict the actions that can be performed by the content of an iFrame. 
This can include restricting scripts, forms, etc.

There is an option in the hardware tools to disable sandboxing on screens.

Warning! The SandBox of an iframe is a security feature that prevents external content from running on the screen. 
We strongly advise against disabling the SandBox of an iframe, unless your situation requires it and you understand the risks involved.