Friday, August 3, 2018

Content-Security-Policy: frame-ancestors * 

Content-Security-Policy: frame-ancestors *
is the header line that permits you to use any html, content or object as iframe or frame or whatever in any other website. It comes from the source websate. BUT, all your iframes won't work in the browser with file:// and you will get crazy trying to check what it is happening in your local tests.

Quick-hotfix: in linux or mac you can use, from the local path of your html, the famous python -m SimpleHTTPServer and try it with http://localhost:8000/<uripath>

Publicado por
Etiquetas: , , , , , , , , , , , ,

1 comment:

  1. Mary BaryJanuary 2, 2025 at 11:59 AM

    Using Content-Security-Policy: frame-ancestors * allows all domains to embed your content in a frame, which might pose security risks. Ensure your hosting supports secure configurations with DVHosting.

    ReplyDelete

Subscribe to: Post Comments (Atom)