Skip to Content (Press Enter)
2021-04-13 16-43-16
Miguel Santos
412Views
2Comments
Solved
Frame-ancestors
Question

I need to add a link able to access frames on Frame-ancestors, by default only contains:

self

gap:



where do i add the link to my domain?

1
0
15 May 2019
Copy Link
UserImage.jpg
G Andrew Duthie
 
MVP
Solution

If you are trying to set the Content-security-policy directive, one way to do that is:

  1. Add a reference to the AddHeader action of the HttpRequestHandler Producer module.
  2. In the Preparation of your screen, drag a Server Action node into the flow, and set it to use the AddHeader action from step 1. 
  3. Set the Name input parameter to "Content-Security-Policy".
  4. Set the Value input parameter to "frame-ancestors" where you replace with the correct source you want to have access. For a domain, you should use something like https://subdomain.mydomain.com (you can also use * as a wildcard). Do not use quotes around the URL. For specific named values (self/none), use single quotes, i.e. 'none'.

See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors for more info on valid values.

0
0
15 May 2019
Copy Link
Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.