Hello again Bruno. Again, thank you for responding. I’m looking into the CorsFilter option now.
The original developer did finally get back to me and he said:
The reason that the embed does not work is because they changed the way that their maps works. Now the map cannot be embedded directly using an iframe, you must use the JS script as you already tested on your html test file, if you use the iframe from the intranet you will get the same error.
The solution is not that easy or quick. As the map docs says, the embed JS must be added and also if you want to customize the map you must add an extra script with the right configuration and the vessel number. So the tracking.php file must be modified in order to generate the right script and add JS Embed file, also the user should input the vessel number instead of the map url.
But I’m wondering if the CorsFilter would fix it all. I’ll keep you posted. Thanks my friend.
This error is not a bug. The same-origin policy is a security mechanism that ensures that window objects only have access to the informations they are authorized to get.
The window.postMessage() method provides a controlled mechanism to securely circumvent this Same-Origin Policy restriction. The window.postMessage() safely enables cross-origin communication between Window objects; e.g: between a page and an iframe embedded within it.
targetOrigin - specifies what the origin of targetWindow must be for the event to be dispatched, either as the literal string “*” (indicating no preference) or as a URI.
