Content Security Policy

Similarly to WordPress Composer and Elementor, our frontend Editor is using iframe to allow users to easily configure KB pages on the front-end.

If your website has setup Content Security Policy (CSP) and this policy is restrictive about iframes then our front-end KB Editor might experience issue loading due to configuration of the policy.

If your CSP does not allow to load KB page in an iframe then you will see error similar to this in your browser console:

       Content Security Policy: The page’s settings blocked the loading of a resource at https:///your-kb-page/?preopen=settings (“frame-ancestors”).

You will need to add the KB domain to the Content Security Policy so that it can load in the iframe. 

 Update: if our Editor detects CSP error, it will try to load the frontend page with the following directive:

               header("X-Frame-Options: SAMEORIGIN");
Was this article helpful?
0 out Of 5 Stars
5 Stars 0%
4 Stars 0%
3 Stars 0%
2 Stars 0%
1 Stars 0%
How can we improve this article?
Please submit the reason for your vote so that we can improve the article.
Need help?
Table of Contents