Skip to main content
Version: Current

Issue: Content Security Policy / "refused to connect"

Issue

We face 2 types of issue related to Content Security Policy (CSP):

  • You may be using a Content Security Policy to enforce a list of URLs from which resources can be loaded on to your site. This could be blocking your embedded landing page from loading.
  • We also use a Content Security Policy on your landing page to ensure that it can only be embedded on your domain. If we haven't included the domain of the page you're trying to embed your landing page on then this could also be blocking your embedded landing page from loading.
Solution

If CSP is causing an issue, you will see one of the two error messages listed below.

An issue with our CSP

Refused to frame 'https://www.studentbeans.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' ...".

If you see an error message similar to the above in your console then this is likely an error with our CSP.

Please contact your customer success representative and let them know the URL of the page you are trying to embed your landing page on. We will add this domain to our CSP to allow for your landing page to be embedded on this URL.


An issue with your CSP

Refused to frame 'https://www.studentbeans.com/' because it violates the following Content Security
Policy directive: "..."

If you see this error message in your browser console, it is likely the error is with your CSP.

You will need to update your CSP to include studentbeans.com, cdn.studentbeans.com, and accounts.studentbeans.com.