Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Content-Security-Policy: frame-ancestors doesn't work

  • 1 प्रत्युत्तर दें
  • 1 यह समस्या है
  • के द्वारा अंतिम प्रतियुतर

more options

As mentioned here, CSP: frame-ancestors is supported from Firefox 33. However, it seems doesn't work.

I am trying to embed a 3-party site into our page using an iframe. The 3-party site did whitelist us using these headers - Content-Security-Policy: frame-ancestors 'self' https://* - X-Frame-Options: SAMEORIGIN

It works fine on Chrome, but not Firefox. I am using Firefox 79.

Is there anything wrong with our headers?

Thank you!

चुने गए समाधान

All Replies (1)

more options

चयनित समाधान

There is a bug with nested iframe