Garmaine Staff asked 1 year ago

I have an extension which adds an iframe with a src that is a webapp, although the iframe works on most pages, I was trying it on one page and got the following error

Refused to frame 'https://mywebapp/' because it violates the following Content Security Policy directive: "frame-src render.githubusercontent.com http://www.zuora.com/".

It seems like the page I tried to run the iframe on has blocked sites besides the 2 mentioned.

I just wanted to know if there is anything I can do about this, such as adding headers to iframe etc or that I have no control over this.