Overview
In M-Files Hubshare, you can use iframe integration in custom content widgets and starting from the 25.8.x version of M-Files Hubshare, you can use embed mode to integrate a dashboard or widgets to an external website.
In some situations, you might get an error message telling you "xxx.hubshare.com has refused to connect"
You might also get a message like this in your browser console:
"Console log - Loading the script '<URL>' violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. The action has been blocked."
Solution
First, double check if you have the third-party cookies enabled.
In your DevTools, you can find this highlighted message in the "Privacy and security" tab.
We use a third-party cookie to make the embedded mode work as expected, and in some cases, you might have it blocked either by default or by your organization as shown below.
Try to make sure the website in use to integrate Hubshare is allowed to use third-party cookies.
If you still get this error message after enabling this setting, this can be related to the Content Security Policy set by M-Files on our Cloud hosting tools.
To get your website whitelisted by M-Files, please make sure one of your assigned Trusted Persons (known as trusted contacts) makes the request to our M-Files Support Portal. We will need the URLs in use to integrate Hubshare as embed or set in custom content widgets, and the Hubshare URL currently in use.
M-Files Hubshare team will then proceed to add this URL and allow you to use Hubshare embedded mode and iframe integration in your widgets.
