Hello,
We are using the open-source BI tool Helical Insight version 6.1. When trying to embed reports/dashboards using an iframe, the resources are getting blocked.
In the browser console, we see the error:
"Loading of a frame denied by ‘X-Frame-Options’
Why does this issue occur, and what is the recommended way to resolve it so that dashboards can be embedded successfully?
thanks,
Netta.
Hello,
To avoid CORS and X-Frame issues, the recommended approach is to serve both your application and Helical Insight from the same public origin (same domain and port). This can be achieved by placing a reverse proxy in front of both systems so that all traffic is accessed through a single HTTPS endpoint (port 443).
Using a reverse proxy (such as Nginx, Apache, or HAProxy), you can internally route requests to different ports—for example, /app to port 8080 and /helical to port 8085—without exposing those ports externally. This ensures the browser sees both applications as coming from the same origin.
This approach is secure, easy to maintain, and widely used for embedded BI integrations. It avoids cross-origin restrictions, simplifies session management, and works cleanly for long-term, scalable deployments.
Example :
https://yourdomain.com/app → routes to internal app (http://localhost:8080)
https://yourdomain.com/helical → routes to Helical (http://localhost:8085)
From the browser perspective, both URLs are from the same origin, so no CORS or iframe issues occur
Thank You,
Helical Insight.