Issue/Introduction:
- We have a Tableau dashboard embedded in an iFrame in an HTML portlet
- When testing in a browser that is non chrome without the extension we’re not seeing the embedded dashboard.
- On the application side, we see error:
- Requests to the server have been blocked by an extension instead of data in the dashboard
- Error seen in Developer tools console:
ext.min.js:26 Refused to frame 'https://<ImpactedURL>/' because it violates the following Content Security Policy directive...
Cause:
This is due to one or more options missing from the CONTENT_SECURITY_DOMAINS table
Environment:
Release : All Supported Releases
Component : CA PPM APPLICATION
Resolution:
- Reproduce issue with Developer Tools enabled for the Browser
- Note the URL impacted via the following error: ext.min.js:26 Refused to frame 'https://<ImpactedURL>/' because it violates the following Content Security Policy directive.
- Add anything referenced in the Developer tools error that it "refused to Frame" to the CONTENT_SECURITY_DOMAINS table.
- In the example above:
- Run command: admin system-options -add CONTENT_SECURITY_DOMAINS <ImpactedURL> -multi
- Flush the Clarity Cache
Tip: To check which options are already added in the database, run the query:
select * from cmn_option_values where option_id in
( select id from cmn_options where option_code ='CONTENT_SECURITY_DOMAINS')