Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trying to open a website which has CSP(Content Security Policy) sent with directive "frame-ancestors" set as https://xyz.site #78

Open
sandy0096 opened this issue Oct 17, 2023 · 2 comments
Open

Trying to open a website which has CSP(Content Security Policy) sent with directive "frame-ancestors" set as https://xyz.site #78

sandy0096 opened this issue Oct 17, 2023 · 2 comments

Comments

@sandy0096
Copy link

sandy0096 commented Oct 17, 2023
edited
Loading

Complete error is the following:

Refused to frame 'https://website.com' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://websiteA https://websiteB https://websiteC http://MoreWebsite.

This works on Android Webview, guessing it has Android's NativeWebView implementation and web-webview uses iframe to implement the same.

Getting this on Google Chrome, for Firefox it's forcing to open it on a new tab and then working OK.

Any ideas how to overcome this or any possible workarounds?

Edit1: Not using any injects, tried originWhitelist.
@malikzype
Copy link

You can use expo web browser to resolve the issue.

@sandy0096
Copy link
Author

sandy0096 commented Nov 12, 2023
edited
Loading

Thanks, In a shell, expo web browser is using ChromeCustomTab for android, but I want it for a web browser like a native web browser and not embedded in android.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sandy0096 @malikzype