Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Missing documentation for most restrictive CSP header for add-ins #4911

Open
duane-j-wagner opened this issue Nov 21, 2024 · 0 comments
Open
Labels
Needs: triage 🔍 New issue, needs PM on rotation to triage ASAP

Comments

@duane-j-wagner
Copy link

Article URL
On what page did you find the problem?
None
Describe the problem
My company uses very restrictive Content Security Policy (CSP). I am currently getting errors when using my add-in on the web version of Excel.
Refused to frame 'https://myaddinhost.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' *myaddinhost.com"
I need to be crystal clear on what I need to change to get my add-in working when communicating with management.
Please add documentation on the most restrictive CSP header for serving add-ins for online office apps.

@microsoft-github-policy-service microsoft-github-policy-service bot added the Needs: triage 🔍 New issue, needs PM on rotation to triage ASAP label Nov 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Needs: triage 🔍 New issue, needs PM on rotation to triage ASAP
Projects
None yet
Development

No branches or pull requests

1 participant