Search Support

Beware of phishing attacks: Mozilla will never ask you to call a number or visit a non-Mozilla website. Please ignore such requests.

Learn More

CSP issue in firefox

  • 無回覆
  • 1 有這個問題
  • 2 次檢視
more options

Hi Team,

We are facing issue while exporting documents from our portal which is embedded into an iframe of some external portal.

We see the following error in the console :

Content Security Policy: The page’s settings blocked the loading of a resource at blob:https://abc.def.com/1gg3810-ae25-42ae-ghghb-123456789 (“frame-src”).

This issue comes only in firefox. We are able to export documents in other browsers. We think that the problem comes due to the portal is embedded into an iframe. when we execute the download URL in a separate tab, it allows to download the document.

We are using below CSP policy :

default-src * blob: 'self' 'unsafe-eval' 'unsafe-inline'; font-src * data:; img-src * data:; frame-src * blob: data: 'self'; object-src *

Thanks

如果您還沒有帳號,您必須先 登入您的帳號 來回覆文章。請 開始一個新問題