The application filters out frame-ancestors if it exists in content-security-policy but it doesn't check Content-Security-Policy (with uppercase for the first letter) which is the recommend style in most guides.
In our use-case, we integrate Jitsi with our Keycloak server as identity provider and it uses Content-Security-Policy. So, it doesn't work if the application doesn't have this update.
The application filters out
frame-ancestorsif it exists incontent-security-policybut it doesn't checkContent-Security-Policy(with uppercase for the first letter) which is the recommend style in most guides.In our use-case, we integrate
Jitsiwith ourKeycloakserver as identity provider and it usesContent-Security-Policy. So, it doesn't work if the application doesn't have this update.