Iframe Embedding Issue – CSP frame-ancestors Error

Hello Ues.io Support Team,

While testing the embedding of our Ues.io application inside an external website using an iframe, we are encountering a browser error that says: “Refused to frame because an ancestor violates the following Content Security Policy directive: frame-ancestors 'none'.” This happens consistently when we try to load the app inside an iframe on another domain.

We are currently testing this integration and would like to understand how embedding a Ues.io app inside an iframe is expected to work. Could you please let us know what configuration, setup, or supported approach should be used to enable iframe embedding, or if there are any specific requirements or limitations we should be aware of?

Additionally, we would like to confirm whether there are any restrictions or special considerations around cookies, session storage, or local storage when the Ues.io app is running inside an iframe—particularly in cross-domain scenarios (for example, third-party cookies, SameSite settings, or storage access limitations).

For reference, the application is hosted on Ues.io and the issue occurs only during iframe embedding. I am attaching a screenshot of the browser console error below.

image1440×584 24.2 KB

Thank you for your guidance.

Thank you for your patience @rbdwt09 While we are hard at work with our new release expected at the end of March with some amazing new capabilities, we haven‘t forgotten about this. Unfortunately we have investigated this issue and decided that it would be best not to iFrame ues.io for now. Your best option would be to have a redirect (maybe a button?) from your web URL to the use.io app URL. That way you can get to use the full functionality of our platform for both desktop and mobile.