cancel
Showing results for 
Search instead for 
Did you mean: 

Content Security Policy directive: "frame-ancestors 'none'" error coming suddenly for embeded iframe

I am using accept hosted embedded iframe of Authorize.net in portal for sandbox testing. It was working fine till yesterday i.e 20 May 2024.

But from today suddenly it started giving below error 

Refused to frame 'https://test.authorize.net/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".

I checked the integration of accept hosted embeded iframe on developer guide i followed all steps but still it is giving error, 

Please help if anyone know how to resolve issue.

19 REPLIES 19

We're having this problem as well.

obsidianreq
Member

I am also facing this

PradeepY09
Member

Same here.  Live version of the same page doesn't seem to emit the Content Security Policy header at all.

msupko88
Member

same issue is happening for us ...prod url is working. Issue is with sandbox url only.

Jithu5148
Member

any updates from authorize.net? 

angel1604
Member

I also started seeing this issue in the sandbox environment overnight. I don't have a production environment, so can't confirm whether or not it works there. Asked a question about it on Stack Overflow that ~80 people have looked at, so guessing they were running into the same issue as well.

https://stackoverflow.com/questions/78511301/content-security-policy-error-when-trying-to-frame-auth...

rwawr
Member

I am in the same boat. My organization really needs this addressed or else we can't perform payment testing against authorize.net. I am relieved to hear that the Live version is working ok.

aacampillo
Member

As we all feared, this just broke in Production for us tonight.

johntr
Member

The same happened to us, and we have over 500 customers on a day-to-day basis.

usmanshah9
Member