Cookie blocked and login to Zoom is not possible after the updating to Chrome version 80.0.3987.132

Starting meetings is not supported inside an iFrame, unless you sign in. That is the designed functionality.

Hello @tommy. Is there any reason to not make it easier to start meetings inside an iFrame as host? The browser still prompts the user to open Zoom, so there doesn’t seem to be a privacy/security risk.

In our use case we want any member of an online community to be able to start a meeting that is created via the API. They can do this as a meeting participant but the start-as-host link will not work this way.

Here’s an example you can try where the participant button that you see will work: https://qiqochat.com/meet/Lucas_Cioffi
However if you were the admin, you’d also see a join-as-host button which opens Zoom in an iframe which does not work. Instead this pops up in the JS console (Version 80.0.3987.149, Official Build, 64-bit):

The Content Security Policy ‘default-src blob: ‘self’; script-src ‘unsafe-eval’ ‘unsafe-inline’ blob: https://.50million.club https://.adroll.com https://.cloudfront.net https://.google.com https://.hotjar.com https://.zoom.us https://.zoomus.cn https://.zopim.com https://ad.lkqd.net https://ajax.aspnetcdn.com https://apiurl.org https://appsforoffice.microsoft.com https://assets.zendesk.com https://bat.bing.com https://cdn.5bong.com https://cdn.jsdelivr.net https://cdncache-a.akamaihd.net https://code.jquery.com https://connect.facebook.net https://consent.trustarc.com https://extnetcool.com https://fp166.digitaloptout.com https://googleads.g.doubleclick.net https://intljs.rmtag.com https://pi.pardot.com https://px.ads.linkedin.com https://ruanshi2.8686c.com https://rum-static.pingdom.net https://s.dcbap.com https://s.yimg.com https://s.ytimg.com https://s3.amazonaws.com https://scout-cdn.salesloft.com https://sealserver.trustwave.com https://secure-cdn.mplxtms.com https://secure.myshopcouponmac.com https://snap.licdn.com https://sp.analytics.yahoo.com https://srvvtrk.com https://static.zdassets.com https://static2.sharepointonline.com https://tag.demandbase.com https://tpc.googlesyndication.com https://tracking.g2crowd.com https://translate.googleapis.com https://trk.techtarget.com https://unpkg.com https://www.comeet.co https://www.dropbox.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagmanager.com https://www.gstatic.com https://www.youtube.com https://d.adroll.mgr.consensu.org https://serve2.cheqzone.com https://*.ada.support ‘self’; img-src https: blob: data: ‘self’; style-src https: ‘unsafe-inline’ ‘self’; font-src https: data: ‘self’; connect-src * data: ‘self’; media-src * blob: ‘self’; frame-src https: ms-appx-web: zoommtg: zoomus: ‘self’’ was delivered in report-only mode, but does not specify a ‘report-uri’; the policy will have no effect. Please either add a ‘report-uri’ directive, or deliver the policy via the ‘Content-Security-Policy’ header.

As API users, we pay by the minute, so if you can make it easier for our users to start these kinds of meetings as host, then you will get more minutes purchased by us. This is a critical bug for us. Thank you for your consideration!

Hey @hernantorrisi,

What exactly is failing? Please provide your iFrame code. Remember, you cannot use iFrame to start meetings, only join them.

Thanks,
Tommy

Hey @lucas.cioffi, we are investigating if there is an easier way to embed Zoom into an iFrame.

You cannot start meetings with an iFrame. Meetings must be started via the start_url or from the Zoom Client or Web Portal.

Thanks,
Tommy

Thanks Tommy, I am aware of that part. We have covered that already on this thread before.
As I explained on my last message, we are only blocked by the Google SameSite cookie policy.
Can you set your Chrome cookies to enabled ( SameSite by default cookies and Cookies without SameSite must be secure) and try logging in on the iframe inside this demo link?

You’ll see you won’t be able to login at all.

Hello @tommy, it’s great to hear that you’re investigating ways to embed Zoom into an iFrame.

FWIW, this is how we have been enabling users to start Zoom meetings as host for the past few years…

With a Rails app, we update a hidden iframe’s src attribute using JQuery:
$('#zoom_iframe').attr('src','<%= @meeting["start_url"] %>');

Then the Zoom desktop/mobile app opens. This still works in Firefox 74 but not in the latest Chrome as of this week.

Hey @hernantorrisi,

This is intended. You cannot login to Zoom inside iFrames.

Thanks,
Tommy

Happy to hear you found a work around @lucas.cioffi.

If you are trying to open the Zoom Client directly, you can also use these urls:

-Tommy

@tommy you asked about our use case before to see if you could help us with a workaround.
I want to make sure that, in conclusion, there is no workaround. On an iframe, there is no way for users to host a meeting. Is that correct?
Thanks

Hey @hernantorrisi,

Correct, there is no way for users to start a meeting on an iFrame.

Work around would be to use OAuth to Create Meetings on their behalf, and have the host of the meeting start it via the start_url. Then you can use the iFrame or Web SDK to join that meeting.

Thanks,
Tommy

@tommy got it.
What I’m not sure I understand is why it works right now. It stopped working with Chrome’s updated cookie policy.
When you say there is no way, do you mean you are not officially supporting it and not planning on fixing the Chrome issue in the foreseeable future?
Thanks again for all your help!

1 Like

Hey @hernantorrisi,

The Zoom Web Client was never designed to be embedded into an iFrame.

Obviously there is lots of demand for a way to easily embed Zoom into an iFrame, and we are discussing official ways to do that, which will probably end up being a little different than how people are doing it now. :slight_smile:

Thanks,
Tommy

@tommy that sounds promising! Can’t wait to hear more about it :slight_smile:
Thanks for everything.

1 Like

Happy to help! :slight_smile:

Will keep you updated!

Thanks for your patience,
-Tommy

Hey Tommy,
Does that imply that the ability to show Zoom meeting via the iFrame will be dropped completely?

Hey @elearningevolve,

No not dropped. The way to do it now won’t be affected, there will just be an additional, improved way.

Thanks,
Tommy

Sounds to be super cool, will be waiting for this. Please update us as well.

1 Like

Will do @elearningevolve! :slight_smile:

-Tommy

Dear Tommy,

i am facing the same issue as i tried your code but it shows a blank page on my site. Would it be because i’m using wix.com to edit? if yes, do you have a clue which iframe code will fit here?

Hey @pensarajustica,

Currently we do not have a iFrame embed code for sites like Wix. You will have to have a developer integrate your site with the Web SDK.

Please also see the Wix app: https://marketplace.zoom.us/apps/cy5FFKSBTlG4cBb3-qgQcg

Thanks,
Tommy

Hi Tommy,

Thanks for your support until now. I would like to ask if there is anyway we can embed Zoom meeting into Wix website as I tried to follow Web SDK instructions got both apps from your marketplace at Zoom but I cannot understand all the instructions given as I got lost after running Github app and going to this website…

http://127.0.0.1:9999/index.html

Is there any other place we can find a good troubleshooting steps for that. I honestly kind of lost using the Zoom guidelines shown on the website as they are not clear.

Thanks again

Carlos