dbFront has been able to work in an iFrame since version 220.127.116.1197.
Since then, browsers have introduced ever more security features designed to block tracking cookies. These cookies were often loaded from hidden iFrames.
Unfortunately cookies are important to any web application that needs to securely manage session state.
If you are simply using dbFront to provide Public / Read-Only access, then session state is not as important and in those cases dbFront can still function without further changes.
If Authenticated access is required, or if you need to allow users to Edit data then you will need to have your users update their browser settings to enable 3rd party cookies.
You should also upgrade to dbFront 18.104.22.16804 which includes enhanced cookie delivery functionality and the ability to detect and respond to blocked cookies.