So my use case is that i want to embed all jitsi meetings in a wordpress website (so using the IFrame API), but if the user use the domain that the IFrame API uses to embed meetings in a page, they can start meetings outside of the wordpress website. Is there a way to redirect users to the wordpress website if they try to use the self hosted server domain in an attempt to bypass said wordpress website?
I’m not sure. Maybe you can check for the ORigin header in your webserver config or something like that.
where is that stated?
That would be nginx config.
the only thing i am confused with still is does messing with the origin header in the config file (apache in my case) identically affects what happens in an iFrame as it would outside of one?
In the iframe case the Origin header should contain the embedding domain.
so if I set a redirect in the origin header for the apache config that won’t affect the iframe case? since from what I understood from you the iframe use the domain provided by the iframe api parameter and stays there
Yep, I think that should do.