feat: enable iframe use (#4766)

* feat: enable iframe use

* cleanup

* fix mocks

* fix linting

* docs: add iframe usage to solution scenarios configurations

* improve api

* feat(console): security policy

* description

* remove unnecessary line

* disable input button and urls when not enabled

* add image to docs

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

console/src/assets/i18n/de.json

@@ -881,7 +881,8 @@
       "BRANDING": "Branding",
       "PRIVACYPOLICY": "Datenschutzrichtlinie",
       "OIDC": "OIDC Token Lifetime und Expiration",
-      "SECRETS": "Secret Erscheinungsbild"
+      "SECRETS": "Secret Erscheinungsbild",
+      "SECURITY": "Sicherheitseinstellungen"
     },
     "GROUPS": {
       "NOTIFICATIONS": "Benachrichtigungen",
@@ -970,6 +971,11 @@
       "LENGTH": "Länge",
       "UPDATED": "Einstellungen geändert"
     },
+    "SECURITY": {
+      "DESCRIPTION": "Mit dieser Einstellung wird die CSP so eingestellt, dass Framing von einer Reihe zulässiger Domänen zugelassen wird. Beachten Sie, dass Sie durch die Aktivierung der Verwendung von iFrames das Risiko eingehen, Clickjacking zu ermöglichen.",
+      "IFRAMEENABLED": "iFrame zulassen",
+      "ALLOWEDORIGINS": "Zulässige URLs"
+    },
     "DIALOG": {
       "RESET": {
         "DEFAULTTITLE": "Einstellungen zurücksetzen",

console/src/assets/i18n/en.json

@@ -881,7 +881,8 @@
       "BRANDING": "Branding",
       "PRIVACYPOLICY": "Privacy Policy",
       "OIDC": "OIDC Token lifetime and expiration",
-      "SECRETS": "Secret Appearance"
+      "SECRETS": "Secret Appearance",
+      "SECURITY": "Security settings"
     },
     "GROUPS": {
       "NOTIFICATIONS": "Notifications",
@@ -970,6 +971,11 @@
       "LENGTH": "Length",
       "UPDATED": "Settings updated."
     },
+    "SECURITY": {
+      "DESCRIPTION": "This setting sets the CSP to allow framing from a set of allowed domains. Note that by enabling the use of iFrames, you run the risk of allowing clickjacking.",
+      "IFRAMEENABLED": "Allow iFrame",
+      "ALLOWEDORIGINS": "Allowed URLs"
+    },
     "DIALOG": {
       "RESET": {
         "DEFAULTTITLE": "Reset Setting",

console/src/assets/i18n/fr.json

@@ -881,7 +881,8 @@
       "BRANDING": "Image de marque",
       "PRIVACYPOLICY": "Politique de confidentialité",
       "OIDC": "Durée de vie et expiration des jetons OIDC",
-      "SECRETS": "Apparence secrète"
+      "SECRETS": "Apparence secrète",
+      "SECURITY": "Paramètres de sécurité"
     },
     "GROUPS": {
       "NOTIFICATIONS": "Notifications",
@@ -970,6 +971,11 @@
       "LENGTH": "Longueur",
       "UPDATED": "Paramètres mis à jour."
     },
+    "SECURITY": {
+      "DESCRIPTION": "Ce paramètre permet au CSP d'autoriser les iFrames à partir d'un ensemble de domaines autorisés. Notez qu'en autorisant l'utilisation des iFrames, vous courez le risque d'autoriser le clickjacking.",
+      "IFRAMEENABLED": "Autoriser iFrame",
+      "ALLOWEDORIGINS": "URL d'origine autorisées"
+    },
     "DIALOG": {
       "RESET": {
         "DEFAULTTITLE": "Réinitialiser les paramètres",

console/src/assets/i18n/it.json

@@ -881,7 +881,8 @@
       "BRANDING": "Branding",
       "PRIVACYPOLICY": "Informativa sulla privacy e TOS",
       "OIDC": "OIDC Token lifetime e scadenza",
-      "SECRETS": "Aspetto dei segreti"
+      "SECRETS": "Aspetto dei segreti",
+      "SECURITY": "Impostazioni di sicurezza"
     },
     "GROUPS": {
       "NOTIFICATIONS": "Notifiche",
@@ -970,6 +971,11 @@
       "LENGTH": "Lunghezza",
       "UPDATED": "Impostazioni aggiornati"
     },
+    "SECURITY": {
+      "DESCRIPTION": "Questa impostazione consente al CSP di consentire il framing da un insieme di domini consentiti. Si noti che abilitando l'uso di iFrames, si corre il rischio di consentire il clickjacking.",
+      "IFRAMEENABLED": "I Frame enabled",
+      "ALLOWEDORIGINS": "URL consentiti"
+    },
     "DIALOG": {
       "RESET": {
         "DEFAULTTITLE": "Ripristina impostazioni",

console/src/assets/i18n/zh.json

@@ -881,7 +881,8 @@
       "BRANDING": "品牌标识",
       "PRIVACYPOLICY": "隐私政策",
       "OIDC": "OIDC 令牌有效期和过期时间",
-      "SECRETS": "验证码外观"
+      "SECRETS": "验证码外观",
+      "SECURITY": "安全设置"
     },
     "GROUPS": {
       "NOTIFICATIONS": "通知",
@@ -970,6 +971,11 @@
       "LENGTH": "长度",
       "UPDATED": "设置已更新。"
     },
+    "SECURITY": {
+      "DESCRIPTION": "此设置将CSP设置为允许来自一组允许的域的框架。请注意，通过启用iFrames的使用，你会有允许点击劫持的风险。",
+      "IFRAMEENABLED": "允许 iFrame",
+      "ALLOWEDORIGINS": "允许的来源 URL"
+    },
     "DIALOG": {
       "RESET": {
         "DEFAULTTITLE": "重置设置",