Hello Adobe Support Team, I am experiencing an issue with Adobe Express embedded in an iframe on my website. When I use the custom function to create content, the entire Adobe Express interface loads correctly within the iframe. However, when I try to save my work, the save button is missing, and the only available option is the insert button. Unfortunately, the insert button does not work and results in an error. The iframe then closes unexpectedly. Here are the details of the error message that appears in the console:   m-web-209a6e62.js:1 unhandledRejection event emitted: Failed to execute 'createImageData' on 'CanvasRenderingContext2D': The source height is zero or not a number. DOMException: Failed to execute 'createImageData' on 'CanvasRenderingContext2D': The source height is zero or not a number. Steps to Reproduce: Embed Adobe Express in an iframe on a webpage. Use the custom function to create content within the iframe. Attempt to save the created content. Observe that the save button is missing and only the insert button is available. Click the insert button, which triggers the error and closes the iframe. Expected Behavior: The save button should be available and functional. The insert button should work without causing an error. The iframe should not close unexpectedly. ... View more

Issue Description: We have implemented a CSP policy on our website to enhance security and protect against various types of attacks. However, we're experiencing a specific CSP violation related to framing content from 'https://quick-actions.express.adobe.com/'. The error message states:   Refused to frame 'https://quick-actions.express.adobe.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' staging.paraclete.ai". Expected Behavior: We expect to be able to embed content from 'https://quick-actions.express.adobe.com/' within frames on our website without encountering CSP violations. Steps Taken: We have reviewed our CSP policy and confirmed that it includes 'self' and 'staging.paraclete.ai' in the 'frame-ancestors' directive. Despite this, we're still encountering the aforementioned violation. Request for Assistance: We kindly request your assistance in resolving this issue. Could you please provide guidance on how we can adjust our CSP policy or any other necessary steps to ensure that we can embed content from 'https://quick-actions.express.adobe.com/' within frames on our website securely and in compliance with CSP standards?     ... View more

When utilizing the "Create Customize template" functionality within our application, which opens Adobe Express in an iframe, we've noticed that after users complete the template customization and click the save button within Adobe Express, the iframe unexpectedly closes. This behavior is not intended, as users should be able to continue interacting with the application after saving their template. Steps to Reproduce: Click on the "Create Customize template" button within the application. Adobe Express opens in an iframe, allowing users to customize the template. After completing the customization, click the save button within Adobe Express. Notice that the iframe containing Adobe Express closes unexpectedly. Expected Behavior: After users click the save button within Adobe Express, the template should be saved, but the iframe containing Adobe Express should remain open, allowing users to continue interacting with the application.   ... View more

Inform you about an issue I am encountering when attempting to embed content from 'https://new.express.adobe.com/' into an iframe on our website. The specific error message I'm receiving is as follows: "Refused to frame 'https://new.express.adobe.com/' because an ancestor violates the following Content Security Policy directive: 'frame-ancestors 'self' https://.adobe.io https://.instructure.com https://*.adobe.com https://classroom.google.com https://wakelet.com'." It appears that our domain is not included in the list of allowed domains specified in the Content Security Policy (CSP) of 'https://new.express.adobe.com/'. We would like to request your assistance in resolving this issue. We believe that enabling our domain to embed this content will greatly enhance the user experience on our website. We kindly request your support in one of the following ways: Update the CSP Policy: If possible, could you please update the CSP policy of 'https://new.express.adobe.com/' to include our domain ([paraclete.ai,staging.paraclete.ai]) in the list of allowed domains for iframe embedding? This would help us resolve the issue. Alternative Integration: If updating the CSP is not feasible, we would appreciate guidance on alternative methods for integrating content from 'https://new.express.adobe.com/' into our website while respecting your security policies. ... View more