Closed Tokarak closed 11 months ago
Update: the PWA is inexplicably working fine the very next day. The CORS error is still showing up in console log, but not the frame error. I will leave this issue open because I'm meddling with powers I can't possibly comprehend.
Seems like this issue is covered in the readme:
If discord iframe does not load (despite having the extension installed) Remove and re-install the extension. This happens when multiple extensions try to modify headers for a page; the last installed extension has priority while others are blocked access.
Maybe; maybe I'm wrong.
Browser: Edge (macOS), latest (as of 2023-08-21) version Console:
Access to fetch at 'https://discord.com/channels/@me' from origin 'https://neverdecaf.github.io' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled. [...] Refused to frame 'https://discord.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://discord.com".
It seems the issue is that Discord added
Access-Control-Allow-Origin
recently. Looking atframe-ancestors
docs, there doesn't seem anything wrong with the directive — the error must be carried on from CORS blocking. I'm not a web dev, so I can't be certain; nor do I know exactly how to fix this.