No internet connection
  1. Home
  2. Support

Content Security Policy error within GatsbyJS

By ollagada @ollagada
    2018-09-30 12:34:19.871Z

    Hello. I've tried to add the section below of my blog post template.
    but I met this error in chrome developer Tool. Then I can't figure out any appearance of Talkyard.

    How can I modify Content Security Policy to 'self' from 'none'?
    It seems all will be okay if I modify only that line.
    Thank you!

    Refused to display 'https://ollagada.talkyard.net/-/embedded-editor?embeddingUrl=http://localhost:8000/Install-disqus-api-on-gatsbyjs/' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".

    Reply
    • 4 replies
    1. KajMagnus @KajMagnus2018-09-30 12:46:50.123Z

      Hi Ollagda, you need to type the address to your blog, here:

      https://ollagada.talkyard.net/-/admin/settings/embedded-comments

      Once you've typed the address, you'll see instructions about how to add the comments to your blog, too (will appear just below the Allow embedding from field, when you've clicked Save)

      (People get sent to that config page & input field, automatically if they sign up via: https://www.talkyard.io/blog-comments — however, when signing up via: https://www.talkyard.io/pricing, then one won't get to that page and everything gets a bit confusing I think. I should do something about that :- ))

      Reply1 Like
      1. Oollagada @ollagada
          2018-10-01 06:07:47.026Z

          Pardon me...

          but it's still not working though I followed your guide...
          I've added that address such as 'localhost:8000', 'http://ollagada.github.io'
          but they are still making same CSP Error...

          Reply
          1. KajMagnus @KajMagnus2018-10-01 07:00:03.743Z

            Hello! Should be https not http. The address to the embedding site is: https://ollagada.github.io/

            Reply
            1. HHai Dang @haidedang
                2020-11-19 10:50:22.897Z

                Hello! I still have the same problem on self-hosted solution. I have insert embedded comments as : https://cottagecoredream.com

                However at my blog site this error keeps appearing : Refused to frame 'https://comments.cottagecoredream.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://www.cottagecoredream.com".

                I would be very grateful for you help, and great work i love it!

                Best , Hai

                Reply
          2. Progress
          3. @KajMagnus closed this topic 2018-10-22 13:45:17.388Z.
          Reply (discussion)Add progress note