CSP error Iframe

ReodorMagnus · July 7, 2023, 8:11am

Hi!

Skjermbilde 2023-07-07 kl. 09.53.05

This is a strange one.

I’ve whitelisted youtube in the CSP directive “content security” under environment and when I copy paste a link directly into the iframe “url” field it all works fine. However, I created an action that uploads urls to a datasource so its possible to switch the video showing in the iframe depending on the object in context.

If i just whitelist https://storage.googleapis.com/ a file is downloaded automatically when the user loads the view with the data source connected Iframe.

Help…

HJT · July 10, 2023, 7:38am

Hi,

you can use the internet URL as a property on a object to show the correct video based on the context. In this case you don’t need a file object.

Then you just need to whitelist the different video hosting services the links are coming from (ex. Youtube, Vimeo etc)

Topic		Replies	Views
"MIME type is not a supported stylesheet MIME type, and strict MIME checking is enabled" Bugs and feature requests	4	529	March 8, 2024
Refused to execute inline event handler because it violates the following Content Security Policy Ask the community	3	2240	March 21, 2023
How do I fix CSP errors (when doing Hotjar integration)? Ask the community script , hotjar	1	251	December 2, 2022
Uploading files does not work in Safari when iframing other apps Bugs	3	62	December 16, 2024
Problem with file upload in prod environment due to CORS policy at googleapis.com Ask the community	0	193	November 16, 2023

CSP error Iframe

Related topics