Why webViewer widget of mappView does not show external web page with error "refused to connect"


  • The aim of this article is not to cover theory of HTML and its tag iframe
  • it is only extension of documentation of webViewer widget

Source of information:



  • webWiever widget is so called iFrame, this is used to embed another document within the current HTML document.
  • browser can block embedded page if the page is not hosted by same domain
  • a creator of a webpage, define how and where your content is to be shown.
    This is a sample from the B&R webpage:


  • The used “Content-Security-Policy” defines that this page only wants to be included in a IFrame if the webpage with the IFRame is hosted on a B&R domain (or localhost “self”). If a browser renders the page and sees these settings, he will simply reject to load the (B&R) page in the IFrame.


  • not on mappView side. Theoretically it would be possible to channel the page to be included through a “proxy” and modify the Content-Security-Policy – however, this is in many cases also not possible / simple due to the usage of https, where the whole traffic is encrypted and authenticated.

Why some creators of webpage block it and some not?

  • This is all about security. Usually you use the content-security-policy to control from where e.g. JavaScript or CSS files are loaded to prevent anyone from abusing your code or to prevent code-injection at all. It is a typical trend in WWW to restrict where and how things can be used, so lets say it is mainly “best practice”.


  • would like to be sure if your web page can be displayed in iframe? use this link to check it out.