Why remove plain html from response webhook node? Its a crap!

mredodos · July 28, 2025, 8:46pm

Why do it? Pls rollback or add some options for deactivate the iframe sandbox. I have a lot of workflow broken and i cant fix it because are dynamic app in html and js!!

mredodos · July 29, 2025, 4:54am

Check this Support for HTTP webhook response in plain/text (removed in 1.103.0)

And this HTML node. HTML wrapped in iframe breaks too many things. Please consider a switch to disable this functionality · Issue #17687 · n8n-io/n8n · GitHub

And this respond to webhook return iframe srcdoc why !? · Issue #17760 · n8n-io/n8n · GitHub

We need an urgent rollback or options for disable this “security enhancement” for self host installations.

I know aa lot of advanced user here in the community using response node for render dynamic html with js.

Ed_P · July 29, 2025, 7:46am

I second this!

While not all of my webhook-powered HTML workflows failed (the raw HTML output seems to be working), certain definitely did. For example, the docsify auto documentation is not working anymore, as it heavily relies on JS.

This new n8n “feature” is a rare case which breaks a number of existing solutions without any prior announcements and without easy workarounds. Why not keep “old” and “new” response to webhook node - the old version behaves the same, and the new one behaves differently. This approach would at least not break existing workflows.

syahnur197 · July 29, 2025, 8:29am

This update breaks printing the page.

It does not allow me to print more than 1 page if the html page could be contained in more than 1 page.

issue outlined here in detail: IFrame by respond to webhook not allows print more than 1 page · Issue #17714 · n8n-io/n8n · GitHub

felippelima126 · July 30, 2025, 2:01pm

We have several workflows that render HTML, and this change broke them. I understand the security concerns, but they could include an option, environment variable, or “enableiframe” flag in the node itself to enable or disable it as needed.

mredodos · July 31, 2025, 3:08pm

is fixed we need to put the env N8N_INSECURE_DISABLE_WEBHOOK_IFRAME_SANDBOX = true

jabbson · July 31, 2025, 4:02pm

It is probably worth referencing the release notes page:

Jon · July 31, 2025, 8:55pm

It will make it to the release notes when they get jazzed up, we also need to add the env option to the docs with the warning as it does impact the security of the instance.

eddie · August 5, 2025, 11:53am

what if the workflow is within n8n cloud and not self-hosted? Any idea how to add this?

system · August 20, 2025, 8:25am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.