Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.
Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).
Thanks for the clarification and explaining the security implications. Would it work in a secure way, if the "iframe" app is on the same domain, f.e. iframe.cloudron.app ?
This can be done via ContentSecurityPolicy and Cloudron supports this for all apps: https://cloudron.io/documentation/apps/#custom-csp
