https://community.developer.cybersource.com/t5/Integration-and-Testing/Content-Security-Policy-Woes/m-p/74264#M46124 <P>It seems like the latest Chrome update broke our Accept Hosted integration -- opening iFrameCommunicator.html to display the payment method form.</P><P>&nbsp;</P><P>We're now getting the error:</P><P>&nbsp;</P><P>Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('<A href="https://www.[site].com" target="_blank">https://www.[site].com</A>') does not match the recipient window's origin ('<A href="https://accept.authorize.net" target="_blank">https://accept.authorize.net</A>').</P><P>&nbsp;</P><P>Even though content-security policy is set and includes:</P><P>&nbsp;</P><P>frame-ancestors 'self'&nbsp; *.[site].com *.authorize.net;</P><P>&nbsp;</P><P>I've run verifications on content-security-policy, all is valid there.</P> Wed, 09 Dec 2020 17:48:48 GMT obsidianreq 2020-12-09T17:48:48Z https://community.developer.cybersource.com/t5/Integration-and-Testing/Content-Security-Policy-Woes/m-p/74264#M46124 <P>It seems like the latest Chrome update broke our Accept Hosted integration -- opening iFrameCommunicator.html to display the payment method form.</P><P>&nbsp;</P><P>We're now getting the error:</P><P>&nbsp;</P><P>Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('<A href="https://www.[site].com" target="_blank">https://www.[site].com</A>') does not match the recipient window's origin ('<A href="https://accept.authorize.net" target="_blank">https://accept.authorize.net</A>').</P><P>&nbsp;</P><P>Even though content-security policy is set and includes:</P><P>&nbsp;</P><P>frame-ancestors 'self'&nbsp; *.[site].com *.authorize.net;</P><P>&nbsp;</P><P>I've run verifications on content-security-policy, all is valid there.</P> Wed, 09 Dec 2020 17:48:48 GMT https://community.developer.cybersource.com/t5/Integration-and-Testing/Content-Security-Policy-Woes/m-p/74264#M46124 obsidianreq 2020-12-09T17:48:48Z