Embedded Tableau iFrame CORs dashboard error: Requests to the server have been blocked by an extension

book

Article ID: 194809

calendar_today

Updated On:

Products

Clarity PPM On Premise Clarity PPM SaaS

Issue/Introduction

  1. We have a Tableau dashboard embedded in an iFrame in an HTML portlet
  2. When testing in a browser that is non chrome without the extension we’re not seeing the embedded dashboard.
  3. On the application side, we see error:
    • Requests to the server have been blocked by an extension instead of data in the dashboard
  4. Error seen in Developer tools console:

ext.min.js:26 Refused to frame 'https://<ImpactedURL>/' because it violates the following Content Security Policy directive...

Cause

This is due to one or more options missing from the CONTENT_SECURITY_DOMAINS table

Environment

Release : All Supported Releases

Component : CA PPM APPLICATION

Resolution

  1. Reproduce issue with Developer Tools enabled for the Browser
    • Note the URL impacted via the following error: ext.min.js:26 Refused to frame 'https://<ImpactedURL>/' because it violates the following Content Security Policy directive.
  2. Add anything referenced in the Developer tools error that it "refused to Frame" to the CONTENT_SECURITY_DOMAINS table.
    • In the example above:
      • Run command: admin system-options -add CONTENT_SECURITY_DOMAINS <ImpactedURL> -multi
  3. Flush the Clarity Cache

Tip: To check which options are already added in the database, run the query:

select * from cmn_option_values where option_id in
( select id from cmn_options where option_code ='CONTENT_SECURITY_DOMAINS')

 

Additional Information

See also: 189773 - How to do Content Security Domain update in Clarity database

See CSA: Service and Admin Command-Line Utilities (On-Premise Only) - Admin Command