CSP error Iframe


Skjermbilde 2023-07-07 kl. 09.53.05

This is a strange one.

I’ve whitelisted youtube in the CSP directive “content security” under environment and when I copy paste a link directly into the iframe “url” field it all works fine. However, I created an action that uploads urls to a datasource so its possible to switch the video showing in the iframe depending on the object in context.

If i just whitelist https://storage.googleapis.com/ a file is downloaded automatically when the user loads the view with the data source connected Iframe.



you can use the internet URL as a property on a object to show the correct video based on the context. In this case you don’t need a file object.

Then you just need to whitelist the different video hosting services the links are coming from (ex. Youtube, Vimeo etc)