Domain Control
Domain Control for Embedding Your Application
Drimify allows you to control which domains can embed your application using an iframe. This feature ensures your content is only accessible from trusted sources and prevents unauthorised embedding.
How It Works
You can define a list of permitted domains. Only these domains will be able to embed your application in an iframe. Each domain should be written on a separate line.
Examples of Permitted Domains
✅ Allowed Entries | ❌ Not Allowed Entries |
---|---|
example.com | http://example.com (protocol not needed) |
*.example.com | www.*.example.com (wildcard only works at the beginning) |
subdomain.example.com | subdomain.*.example.com (invalid wildcard usage) |
Using Wildcards
A wildcard domain allows you to permit all subdomains of a given domain. You can use *. at the beginning of a domain to allow all its subdomains.
Example:
*.example.com → Allows sub.example.com, blog.example.com, shop.example.com, etc.
example.com (without *.) → Only allows example.com, not sub.example.com.
Tips for Using Wildcards
Wildcards must be at the beginning of the domain (e.g., *.example.com, not www.*.example.com).
Be careful when using *. as it will allow all subdomains, including dynamically created ones.
If you need to allow multiple specific subdomains, list them individually instead of using a wildcard.
Best Practices
✔ Only allow domains you trust.
✔ If you need to embed on multiple subdomains, consider using a wildcard ( *.yourdomain.com).
✔ Review your list periodically to ensure only authorised domains have access.
Updated on: 26/03/2025
Thank you!