We have an application where we want to integrate the following CMS page:
https://join.xxxxxxxx.com/index.html?id=<id>secret=<secret>&lang=en-US
This works well, if we open a separate child window, but not embedded in an iframe:
"Refused to display 'https://...' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
Is there any supported configuration means to change content security policy on CMS?