Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

CSP issue in firefox

  • No replies
  • 1 has this problem
  • 1 view
gupta.harish2624
gupta.harish2624
more options

Hi Team,

We are facing issue while exporting documents from our portal which is embedded into an iframe of some external portal.

We see the following error in the console :

Content Security Policy: The page’s settings blocked the loading of a resource at blob:https://abc.def.com/1gg3810-ae25-42ae-ghghb-123456789 (“frame-src”).

This issue comes only in firefox. We are able to export documents in other browsers. We think that the problem comes due to the portal is embedded into an iframe. when we execute the download URL in a separate tab, it allows to download the document.

We are using below CSP policy :

default-src * blob: 'self' 'unsafe-eval' 'unsafe-inline'; font-src * data:; img-src * data:; frame-src * blob: data: 'self'; object-src *

Thanks

Hi Team, We are facing issue while exporting documents from our portal which is embedded into an iframe of some external portal. We see the following error in the console : Content Security Policy: The page’s settings blocked the loading of a resource at blob:https://abc.def.com/1gg3810-ae25-42ae-ghghb-123456789 (“frame-src”). This issue comes only in firefox. We are able to export documents in other browsers. We think that the problem comes due to the portal is embedded into an iframe. when we execute the download URL in a separate tab, it allows to download the document. We are using below CSP policy : default-src * blob: 'self' 'unsafe-eval' 'unsafe-inline'; font-src * data:; img-src * data:; frame-src * blob: data: 'self'; object-src * Thanks