{"id":411495,"date":"2024-10-18T08:00:00","date_gmt":"2024-10-18T08:00:00","guid":{"rendered":"https:\/\/www.weixiaoduo.com\/plugins\/ruigehond-embed\/"},"modified":"2025-04-30T23:01:00","modified_gmt":"2025-04-30T23:01:00","slug":"ruigehond-embed","status":"publish","type":"post","link":"https:\/\/www.weixiaoduo.com\/plugins\/ruigehond-embed\/","title":{"rendered":"Ruigehond embed"},"content":{"rendered":"<p>Plugin to embed selected urls from your site elsewhere.<\/p>\n<h4>Security<\/h4>\n<p>Other embedding will be prohibited by default, with an <code>X-Frame-Options<\/code> header and, optionally, a <code>Content Security Policy<\/code> header.<br \/>\nThis will secure your WordPress website from a number of fairly easy attacks.<\/p>\n<p>To make this plugin especially useful you can now allow (third party) websites to embed specific urls from your site.<br \/>\nEasily reuse forms or other content from your main site on satellite sites you own, without opening up any of them to attack.<\/p>\n<h4>Quick setup<\/h4>\n<p>Activate the plugin and go to Settings -> Ruigehond embed.<br \/>\nAdd a reference (e.g. <code>general-contact-form<\/code>) in the <em>title<\/em> field and save the settings.<br \/>\nAdd a slug it should serve (e.g. <code>\/contact-clean\/<\/code>) in the <em>embed<\/em> field.<br \/>\nAdd urls that may embed this, aka referrers, (e.g. <code>https:\/\/my-satellite.site<\/code>) in the textarea.<\/p>\n<h4>Embedding<\/h4>\n<p>Install the plugin on your satellite site. This has the added benefit of locking down that site as well.<\/p>\n<p>Use the simple shortcode on that site to generate an iframe with the embedded content:<br \/>\n    [ruigehond-embed src=\u201dhttps:\/\/my-main.site\/ruigehond_embed\/general-contact-form\u201d]<\/p>\n<p>Watch the form magically and safely be embedded. Other sites will continue to not be able to embed your content.<\/p>\n<p>You can also embed using a regular iframe in html, as long as the referrer is whitelisted.<br \/>\nHowever, by using the plugin and shortcode, the height of the iframe will automatically be adjusted to fit the content.<\/p>\n<h4>Use htaccess<\/h4>\n<p>This plugin adds lines (clearly marked) at the beginning of your htaccess file.<br \/>\nThey need not be at the beginning, but they need to be before the WordPress lines, or any other lines that corrupt the <code>THE_REQUEST<\/code> var.<\/p>\n<p>This plugin needs <code>mod_headers<\/code>, <code>mod_rewrite<\/code> and <code>mod_setenvif<\/code> to be activated, but they probably already are.<\/p>\n<h4>Without htaccess<\/h4>\n<p>When the htaccess is not processed, the plugin itself works directly with the request in the php processor.<br \/>\nThe CSP header is not supported in that case.<br \/>\nAlso, other plugins (especially caching plugins) may already have decided on a different route and this plugin might not work.<\/p>\n<h4>Content Security Policy<\/h4>\n<p>You can switch on the <code>Content Security Policy<\/code> (or <code>CSP<\/code>) header in this plugin, which is the most modern way to tackle these issues.<br \/>\nHowever, other plugins may interfere, so be sure to check whether the CSP header is to your liking in practice.<\/p>\n<p>This plugin will add a <code>CSP<\/code> header if none is present yet.<br \/>\nBut if one is present, the <code>frame-ancestors<\/code> directive must be present in it for this plugin to work.<br \/>\nIt will only set the <code>frame-ancestors<\/code> directive, none of the others (to not break your site).<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Prevent your site from being embedded. Select specific urls that may be embedded from specific origins.<\/p>\n","protected":false},"author":65,"featured_media":411496,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"slim_seo":{"title":"Ruigehond embed - \u8587\u6653\u6735\u63d2\u4ef6\u76ee\u5f55","description":"Prevent your site from being embedded. Select specific urls that may be embedded from specific origins."},"footnotes":""},"categories":[1],"tags":[57930],"class_list":["post-411495","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-x-frame-options-embed-embedding-iframe-sameorigin"],"_links":{"self":[{"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/posts\/411495","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/users\/65"}],"replies":[{"embeddable":true,"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/comments?post=411495"}],"version-history":[{"count":0,"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/posts\/411495\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/media\/411496"}],"wp:attachment":[{"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/media?parent=411495"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/categories?post=411495"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.weixiaoduo.com\/plugins\/wp-json\/wp\/v2\/tags?post=411495"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}