Linking HTML page through Iframe blocked by Content security policy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Is direct linking HTML pages via Iframe being Blocked in Canvas now?
We've had reports this is now showing errors when attempted, however it was working previously.
Browser console (Firefox) is showing the following:
"Blocked script execution in '<URL>' because the document's frame is sandboxed and the 'allow-scripts' permission is not set."
and
"Refused to frame 'https://sso.canvaslms.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' sso.canvaslms.com sso.staging.canvaslms.com sso.beta.canvaslms.com sso.test.canvaslms.com sso2.canvaslms.com sso2.staging.canvaslms.com sso2.beta.canvaslms.com sso2.test.canvaslms.com a25028-484472.cluster15.canvas-user-content.com".
This was working fine previously but now is showing up an error, even when directly linking a file hosted on Canvas.
Thanks
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I do not see any known issues reported regarding Canvas blocking iFrames, particularly when pointing to files already in Canvas. This would break functionality with a few Canvas features. This is more likely to be a setting controlled by your institution's Canvas administrator or by a setting in your browser (which, if you are on a computer issued by the institution, could be controlled by them). I would suggest talking with your institution's tech department to see if either are true.
