@tsteur
opened this Issue on February 4th 2022
@tsteur
follow up from https://github.com/matomo-org/matomo/pull/18215/files
It's not allowing shop.matomo.org to be opened in an iframe.
To reproduce go to Marketplace, then click on a premium feature, then click on Reviews tab
@sgiehl
commented
on February 4th 2022
@sgiehl
@tsteur According to the browsers message the problem actually is, that shop.matomo.org only allows to be framed by plugins.matomo.org by sending the csp header: frame-ancestors https://plugins.matomo.org;. I guess we would actually need to allow any source, as it might be opened by any matomo instance.
In addition it might also be needed to add frame-src: *.matomo.org within Matomo, but we can check that once the issue above is solved.
@tsteur
commented
on February 8th 2022
👍 thanks for this. created an internal issue
This Issue was closed on February 8th 2022