Hello,
I'm trying to frame PDF document, but get this error
document is returned and its link is previewed successfully in new tab, but not in my frame
Here is HTML
It sounds like this is a Pop-Up Blocker not allowing the 'self' to be executed as you state.
Where can it be?. that problem appears on all devices. could it be on code?
Could be, might want to submit a question to Support. It might be known,
The HTML that are trying to frame this content, from what server (URL) is that page loaded from?
Content Security Policy is a header that is set to prevent framing of untrusted sources. In your case the source of the HTML page is not trusted. Allowing framing is a security risk and makes the application vulnerable. The frame ancestors are written in the error message, those are self, IDM self in this case and the 3 set of URLS for mingle, mingle-sso and mingle-extentions. No other host/port combinations are allowed to frame the document. For example I don't see the Mingle Homepages URL in there for eu1, so if this is in a widget, well yes, it's not allowed.
There is nothing that you can do technically to worlk around this. That is the point with this type of security configurations. If this is in a widget for example in Mingle Homepages, I don't see the URL there.
But have a closer look at the IDM API. If they can return a preview link with a short lived token that goes through a CDN and not to the IDM application - THAT is the URL that you should be using. So please look for resource URL with token appended from ION IDM API.
