Issue Description: We have implemented a CSP policy on our website to enhance security and protect against various types of attacks. However, we're experiencing a specific CSP violation related to framing content from 'https://quick-actions.express.adobe.com/'. The error message states:
Refused to frame 'https://quick-actions.express.adobe.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' staging.paraclete.ai".
Expected Behavior: We expect to be able to embed content from 'https://quick-actions.express.adobe.com/' within frames on our website without encountering CSP violations.
Steps Taken: We have reviewed our CSP policy and confirmed that it includes 'self' and 'staging.paraclete.ai' in the 'frame-ancestors' directive. Despite this, we're still encountering the aforementioned violation.
Request for Assistance: We kindly request your assistance in resolving this issue. Could you please provide guidance on how we can adjust our CSP policy or any other necessary steps to ensure that we can embed content from 'https://quick-actions.express.adobe.com/' within frames on our website securely and in compliance with CSP standards?
2
Replies
AdChoices
