iframe lock elementor

[angellombana]

Hello, does anyone know how to remove this lock? It happens to me in the Elementor module, the developer told me to tell the server to remove that lock from the iframe, but the server intern doesn't even know what's happening

because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'"

[sim3883]

Hello 

 

Did you find a solution to this problem ? I'm having the same issue, and cannot find where this setting is done 

 

Thanks 

[musicmaster]

frame-ancestors is a http setting. So you set it in the header commands before you output the html of a webpage.

In the early days of the internet hackers sometimes invited you to open sensitive pages like bank accounts into iframes so that they had some level of access to what you did on those pages. To prevent that such sensitive pages now are sent with this http setting that blocks them from being opened in an iframe.

Search the internet for "frame-ancestors" and you will learn more.

[sim3883]

Hi , thanks for your answer.

 

I finally solved the issue, it was the Official UPS module that had a setting to add those headers to every http commands, i've been able to disable it in the module config 

 

thanks

[Chpaquito]

Hi @sim3883
happy to know the positive outcome, could you share the change you made ?
thanks !

[sim3883]

Hi

My UPS module is in french but I'll try to translate the labels .

In the module config, go to the last part "Security improvements".

Then , the fourth setting is something like " Use Content-Security-Policy header", You have to check the options "Do not use" or "self frame ancestors", if you enable the option "none frame ancestors"  then the lock will be enabled and many things won't work (product popups for instance)

 

 

Edited December 13, 2023 by sim3883 (see edit history)

[Chpaquito]

merci beaucoup 😀 !
effectivement tout bon maintenant

[sim3883]

Content d'avoir aidé alors