Garmaine asked 4 years ago
I have an extension which adds an iframe with a src that is a webapp, although the iframe works on most pages, I was trying it on one page and got the following error
Refused to frame 'https://mywebapp/' because it violates the following Content Security Policy directive: "frame-src render.githubusercontent.com http://www.zuora.com/".
It seems like the page I tried to run the iframe on has blocked sites besides the 2 mentioned.
I just wanted to know if there is anything I can do about this, such as adding headers to iframe etc or that I have no control over this.
Please login or Register to submit your answer