Print

Content Security Policy

Created On
Updated On
By:Dennis
0 out Of 5 Stars
5 Stars 0%
4 Stars 0%
3 Stars 0%
2 Stars 0%
1 Stars 0%
Views52

Overview

Copy the URL link to this section to share

Similarly to WordPress Composer and Elementor, our frontend Editor is using iframe to allow users to easily configure KB pages on the front-end.

If your website has setup Content Security Policy (CSP) and this policy is restrictive about iframes then our front-end KB Editor might experience issue loading due to configuration of the policy.

If your CSP does not allow to load KB page in an iframe then you will see error similar to this in your browser console:

       Content Security Policy: The page’s settings blocked the loading of a resource at https:///your-kb-page/?preopen=settings (“frame-ancestors”).

You will need to add the KB domain to the Content Security Policy so that it can load in the iframe. 

 Update: if our Editor detects CSP error, it will try to load the frontend page with the following directive:

               header("X-Frame-Options: SAMEORIGIN");

Reference Articles

Copy the URL link to this section to share
Views52
Was this article helpful?
0 out Of 5 Stars
5 Stars 0%
4 Stars 0%
3 Stars 0%
2 Stars 0%
1 Stars 0%
5
How can we improve this article?
Please submit the reason for your vote so that we can improve the article.
Need help?
Table of Contents
View Add-ons