Clients

• Linux, MacOS and Windows clients
• Web client
• How to configure the NICE DCV Web Client to work in iFrames

Linux, MacOS and Windows clients

You can download the clients here: https://download.nice-dcv.com/latest.html

Web client

The NICE DCV web browser client runs inside a web browser. You don’t need to install the web client.

Supported browsers:

• Google Chrome and Chromium (97 or later)
• Mozilla Firefox
• Microsoft Edge (97 or later)
• Apple Safari

The DCV server comes with web client support included by default. To access the service you need to open this url:

https://server_hostname_or_IP:port/#session_id

Important notes:

• The session_id is optional
• The protocol must be HTTPS
• The port, by default is 8443, but maybe you have customized that

The web client also have some limitations:

• Limit of up two screens with 1920×1080 of resolution each one. The resolution can be changed, but not the screens limit.
• It will use the web browser proxy configuration.

How to configure the NICE DCV Web Client to work in iFrames

NICE DCV offers native DCV clients for Windows, Linux and MacOS for best performance but also the convenient HTML5 browser-based NICE DCV client.

For strongest security the DCV web client by default does not allow to be embedded inside an iFrame to avoid “clickjacking” attacks. There are scenarios where you have a controlled environment and want to embed the DCV remote desktop client into another website. This guide shows how this is possible configuring respective HTTP headers.

To configure the NICE DCV server on Windows to allow embedding as iFrame the following HTTP headers are configured in the Windows registry.

In HKEY_USERS\S-1-5-18\Software\GSettings\com\nicesoftware\dcv\connectivity we set 2 Strings (SZ) in case we want to show the iFrame as part of a page on e.g. www.ni-sp.com as follows (usually you can skip the “web-x-frame-options” entry as it has become obsolete, please replace with your domain name):

web-x-frame-options ALLOW-FROM https://www.ni-sp.com
web-extra-http-headers  [("Content-Security-Policy", "frame-ancestors https://*.ni-sp.com https://www.ni-sp.com")] 

If you prefer Powershell you can set the “web-extra-http-headers” option with the following Powershell command (please replace with your domain):

New-ItemProperty -Path "Microsoft.PowerShell.Core\Registry::\HKEY_USERS\S-1-5-18\Software\GSettings\com\nicesoftware\dcv\connectivity\web-extra-http-headers" -Name parameter_name -PropertyType String -Value "[('Content-Security-Policy', 'frame-ancestors https://*.ni-sp.com https://www.ni-sp.com')]" -Force

In case of DCV on Linux you can set the HTTP headers in the dcv.conf file – here an example:

[connectivity]
web-x-frame-options="ALLOW-FROM https://www.ni-sp.com"
web-extra-http-headers=[("Content-Security-Policy", "frame-ancestors https://*.ni-sp.com https://www.ni-sp.com")]

If you want to allow any https connection you can use "frame-ancestors https:“.

More about clickjacking:
https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet#Defending_with_X-Frame-Options_Response_Headers and https://www.owasp.org/index.php/Content_Security_Policy_Cheat_Sheet#Preventing_Clickjacking