hey just wanting to loop back on this to see if anyone else is able to provide any additional insight...Having an issue with the Facebook Chat plugin script being blocked by safari only on a SS4 site. I am using it on my other SS3 site with no problems, but on the SS4 site, i'm getting the following error
Refused to load https://www.facebook.com/v3.3/plugins/customerchat.php?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df1e39fc12169528%26domain%3Dwww.greatwestradon.com%26origin%3Dhttps%253A%252F%252Fwww.greatwestradon.com%252Ff2b1d5461dc26e6%26relation%3Dparent.parent&container_width=0&locale=en_US&logged_in_greeting=Hi!%20Feel%20free%20to%20ask%20us%20a%20question%20as%20you%20explore!&logged_out_greeting=Hi!%20Feel%20free%20to%20ask%20us%20a%20question%20as%20you%20explore!&page_id=774170459596443&sdk=joey&theme_color=%23009bd1 because it does not appear in the frame-ancestors directive of the Content Security Policy.
I've tried using firesphere's CSP module, to no avail, i've tried setting the CSP header via meta tags and via htaccess, to no avail...
I just can't make sense of why this is not an issue in SS3 but is in SS4, in the same server environment setup
Someone please help if you can!
haha thanks...hardly a hero...you helped me get there @null
ok @Firesphere i'll check out the module
you guys see anything wrong with this? i'm getting a 500 on ths
Header set Content-Security-Policy "default-src 'self'; script-src *; frame-ancestors http://www.facebook.com";
oh i'm all for learning, but not when it's breaking functionality on a client's website
doesn't help my case...since i'm not well versed in this CSP stuff
haha fair enough
and still the error in Safari 😞