We are getting a frame-ancestors related iframe error when attempting to use the hellosign-embedded library from our application, the application is hosted in Firebase
example of error message:
Refused to frame 'https://app.hellosign.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
example of headers configuration for firebase hosting:
"headers": [
{
"source": "**/*",
"headers": [
{
"key": "Cache-Control",
"value": "no-cache"
},
{
"key": "Content-Security-Policy",
"value": "frame-ancestors 'self' *://*.hellosign.com"
}
]
}
]
So either these settings are not being recognized, or there is a deeper issue.