Strapiv4 <iframe>

System Information
  • Strapi Version:
  • Operating System:
  • Database:
  • Node Version:
  • NPM Version:
  • Yarn Version:

I’m trying to upload a pdf file to pass via iframe, but I’m getting this error:Refused to frame 'my url ’ because an ancestor violates the following Content Security Policy directive: “frame-ancestors ‘self’” and on the right side I I took any pdf from the internet and it works in my application

You need to change the strapi::security middleware to allow for it to not break it

how can this be done?

I meant cors

ok, thank you very much I will test and if it works I will bring the answer

Code example.
name: “strapi::security”,
config: {
contentSecurityPolicy: {
useDefaults: true,
directives: {
“script-src”: [“‘self’”, “https:”, “http:”],
“frame-src”: [“‘self’”, “https:”, “http:”],
“frame-ancestors”: [“‘self’”, “https:”, “http:”],

Good morning, a simple and effective solution, I did it like this:<iframe
src={ url here&embedded=true}