WMC Content within iFrame
iFrames allow Affiliates to embed WMC order forms onto external websites. Below we’ll outline instructions and best practices for embedding order forms onto your sites.
Domains
WMC added a security implementation (documentation: frame-ancestors in CSP ⟶ Allowing / Blocking iframes from Loading) so that ONLY whitelisted domains can load WMC content pages on an iFrame.
IMPT: Need to check with WMC team to make sure the domains (external) you want to use for the iFrame have been whitelisted. If they have not, the order form will NOT load in the iFrame.
Using Non-Whitelisted Domains
Any iFrame that is loaded on any external domain that is NOT whitelisted will have the following header. This will prevent the page from loading and result in a 404 error.
frame-ancestors 'self'
Phase 1 Recommendation:
Use effort created (beginning to end) in WMC - order form, journey AND effort created in WMC
Why? We can only support one domain for the iFrame so we can’t utilize the IRIS connection/promotion domain
Reporting implications:
Will not see the promotion code/effort in IRIS
Will not see stats in IRIS
Will only see basic order reporting in BI reports (no IRIS stats)
Since we recommend basic order forms only for this functionality (aka no promotional elements – see below) missing stats should be limited
Only include e-comm components (order form and confirmation page)
Don’t include marketing components (promotional content, videos, etc.)
Why? This functionality and reporting related to it will be limited when using WMC end to end (for more information: WMC End to End Limitations)
Simple, one-step, main item orders only – don’t recommend cross-sell and upsell components
Why? Reporting will be limited when using WMC end to end. Most notably, you’ll be unable to differentiate between primary and upsell orders in reporting.
We can differentiate between primary and cross-sell orders using back up logic (i.e. any item that is not the assumed primary item (using back up logic) is labeled a cross-sell)
For more information: WMC End to End Limitations)
Phase 1 Instructions:
Once the effort is created in WMC, use the effort link (located at the bottom of the ‘edit’ effort screen) when setting up the iFrame on your external website
Will use a transaction domain
Sandboxing will be handled by WMC (adding sandbox and attributes to the headers)
NO ACTION is needed/suggested from the Affiliates, as it will break the functionality.
Any content loaded from within these domains, will have the following tags on the response header:
sandbox allow-forms allow-scripts allow-same-origin allow-popups