Cross frame communication

To enable cross frame communication, Siren Investigate exposes an object at window.sireninvestigate; due to the browser’s Content Security Policy, the object can be called only if both Siren Investigate and the container page are in the same domain.

Assuming the following:

  • Investigates runs at localhost:5606

  • The container app runs at localhost:3000

  • Your domain is example.com

To serve both applications from the same domain:

  1. Install a reverse proxy in front of both applications.

  2. In the container app include an iframe to serve Investigate from example.com/siren.

  3. Add server.basePath: "/siren" to investigate.yml and start it at localhost:5606.

  4. Configure the reverse proxy to serve the container app at the root path / (example.com to localhost:3000).

  5. Configure the reverse proxy to serve the Investigate app at the /siren path (example.com/siren to localhost:5606), and also add a rewrite rule to this configuration to strip the /siren prefix from the URLs.

Methods

generateShortUrl(shareAsEmbed, displayNavBar)

Generates a shortened URL containing the current Siren Investigate state and returns a promise fulfilled with the URL.

Parameters:

  • shareAsEmbed: if set to true, the top navigation bar and dashboard tabs will be hidden when opening the shortened URL.

  • displayNavBar: if set to true, the dashboard tabs will not be hidden when sharedAsEmbed is set to true.

Sample usage:

Put the following code in the container page, replacing investigateframe with the ID of the frame in which Siren Investigate is embedded:

document.getElementById('investigateframe')
.contentWindow
.sireninvestigate
.generateShortUrl(true, true)
.then(function(url) {
  console.log("Generated URL: " + url);
})
.catch(function(error) {
  console.log("An error occurred while generating the URL");
});

If possible, you should purge old documents of type url from the .siren index periodically; old documents can be identified by looking at the createDate attribute.

setJWTToken(token)

Sets or updates the JWT token for the current session if JWT authentication support is enabled; returns a Promise after the token has been sent to the backend.

Parameters:

  • jwtToken: a base64 encoded JWT token.

Sample usage:

Put the following code in the container page, replacing investigateframe with the ID of the frame in which Siren Investigate is embedded:

document.getElementById('investigateframe')
.contentWindow
.sireninvestigate
.setJWTToken(`eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJraWJpdXNlciJ9.kZhLu15FwxrX4hPE1ciyzw_NufZ_oH7aSGpLZHachPg`)
.then(function() {
  console.log('JWT token set.');
})
.catch(function(error) {
  console.log('An error occurred setting the token.');
});

After the token is set, you can change the Siren Investigate URL and the user should be authenticated; the application should call the method again with an updated token before the current one expires.