0

I'm attempting to add a JavaScript code snippet to my Shopify store, but I'm encountering a Content Security Policy (CSP) error: "Refused to frame https://AAAAA.de because an ancestor violates the following Content Security Policy directive: 'frame-ancestors 'none'."

However, I need to include this iFrame snippet for a specific functionality on my store. What steps can I take to allow this JavaScript code snippet to execute without violating the Content Security Policy? Are there any safe and recommended ways to modify the CSP settings for my Shopify store to accommodate this?

Mastor
  • 179
  • 4
  • 15
  • This isn't your Shopify page blocking it, it is the iframe'd URL itself saying, "I don't want to be embedded elsewhere" - see https://stackoverflow.com/a/38600261/1427878 – CBroe Aug 16 '23 at 09:45
  • Thanks for the answer @CBroe. So now the question, what I need to add to my code snippet, so my iFrame is not getting blocked? I've researched quite a lot but couldn't find the solution.... – Mastor Aug 16 '23 at 14:09
  • You can not do anything about this from the Shopify side - the page you want to embed via the iframe there, needs to allow for this. – CBroe Aug 17 '23 at 05:50

0 Answers0