Blackbaud-MattWalsh
commented
4 years ago Closed Blackbaud-ColbyWhite closed 3 years ago
Blackbaud-MattWalsh
commented
4 years ago 
blackbaud-johnly
commented
4 years ago Need to dig into the Slack threads on this and look into more updates to address Colby's questions. Based on side conversations with him, Matt's PR did not address all of his concerns with these docs.
Blackbaud-ColbyWhite
commented
4 years ago it looks like the blackbaud option results in the following header:
Content-Security-Policy: frame-ancestors https://*.blackbaud.com https://*.blackbaud-dev.com https://*.blackbaud-test.comthe actual value would be useful in the doc. or a link to where the values are hardcoded. it may also be useful to note that this prevents localhost embedding or potentially any other local dev if the embedding app is not a SKY UX SPA.
blackbaud-johnly
commented
4 years ago Another internal Slack thread on this: https://app.slack.com/client/T02BBN218/C3TQ4C0KG/thread/C3TQ4C0KG-1596489836.117900.
Blackbaud-KerryCampbell
commented
3 years ago Moved to ADO issue
Blackbaud-ColbyWhite
commented
3 years ago @Blackbaud-KerryCampbell, fyi, by closing the github issue you also closed the ado issue. i assume that wasnt intentional. j/ a heads up.
The doc around this option is a bit misleading; specifically how it is has been brought up in a couple threads.
Also, the doc does not mention what happens when you leave off
frameOptionscompletely.