do a view source of this page to see how secure embedding is configured through postMessages