I think the part that you may be missing is that View 1 (embedded view) is hosted on DocuSign's domain.
So the view may be designed by the client, but it's not hosted by the client. It's hosted on DocuSign.
Then View 2, is the "dashboard" view which of course isn't designed by the client.
In an ideally designed embedded View 1, it should not be possible to get to DocuSign's "dashboard" (View 2). Sessions should be tracked in DocuSign's API and View 1 refreshes should return the user to hosted View 1 or should return an error.
I thought OP was embedding something from DS in their page. It sounds like they are redirecting a user to DocuSign.com. I agree that the user being able to access the requester's DS is a massive security issue. So massive that it seems implausible that it actually works that way, but I don't have any experience to know one way or another.
So the view may be designed by the client, but it's not hosted by the client. It's hosted on DocuSign.
Then View 2, is the "dashboard" view which of course isn't designed by the client.
In an ideally designed embedded View 1, it should not be possible to get to DocuSign's "dashboard" (View 2). Sessions should be tracked in DocuSign's API and View 1 refreshes should return the user to hosted View 1 or should return an error.