ruibaby
commented
1 year ago +1
Closed tobimori closed 1 year ago
ruibaby
commented
1 year ago +1
BernhardBaumrock
commented
1 year ago +1
We have also hit that issue with my module for the ProcessWire CMF: https://processwire.com/talk/topic/27322-rockanalytics-gdpr-compliant-google-analytics-alternative-for-processwire/?do=findComment&comment=232350
mho22
commented
1 year ago +1
It works when you remove this line :
next.config.js line 13
frame-ancestors 'self'but be careful to add the line in your nginx.conf :
add_header Content-Security-Policy "frame-ancestors 'self' {http://your.domaine.name};";
cuiliang0302
commented
1 year ago +1
BernhardBaumrock
commented
1 year ago Hey @franciscao633 any info on this? I'd love to use umami for my clients but I can't if I'm not able to add it as an iframe to my CMS :( If that does not work I have to use Plausible, but I'd prefer umami. Thx in advance!
mikecao
commented
1 year ago Available in v2.3.0
Umami has a relatively strict CSP header, which itself would work fine, but forbids any embedding of a dashboard in e.g. a CMS. https://github.com/umami-software/umami/blob/25f44b84dfef0e6bb708361cf5eaaa50a9dc3e28/next.config.js#L4
The most ideal solution would be to have an option to allow embedding of the Share URL.