Embedded HTML page security

I am using the Text panel to embed a full HTML page with some information, using <embed type=“text/html” src="/public/stuff/staticpage.html" width=“1000”, height=“1000”>. This all works fine but does not appear to be very secure. That is, the page can be accessed outside of grafana by simply going to the url https://serverip:3000/public/stuff/staticpage.html. I was wondering how I can include the static HTML page within the secured environment of Grafana itself, instead of it being accessible from the outside like that. Does anyone have some suggestions?

Hi,

One workaround is to use an http server (apache for example) and restrict access to the static page only to localhost (which is grafana).

Another sophisticated way to do it is to convert your static page to an image or svg (example: Convert HTML to SVG / URL to SVG (Online & Free) — Convertio ) and then display it on grafana.

Hope it helps, Good Luck

I figured I would try the apache server option since the static pages do have some interactive elements to them which would be lost when converting to SVG.

The solution does not seem to work though. The apache server runs fine and only allows connections on 127.0.0.1:80, but when trying to embed http://127.0.0.1:80/staticpage.html it will never show unless you acess grafana from the server itself. I reckon embedded pages can only displayed when the viewer already has access to them?

This topic was automatically closed after 365 days. New replies are no longer allowed.