Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Content Security Policy directive: "frame-ancestors 'none' When Using getAccessTokenSilently with Auth0 #783

Open
6 tasks done
parth25 opened this issue Jul 4, 2024 · 0 comments
Labels
bug Something isn't working

Comments

@parth25
Copy link

parth25 commented Jul 4, 2024

Checklist

Description

When we attempt to get a token using getAccessTokenSilently after a session has expired, we receive the following error:

Refused to frame 'https://****.uk.auth0.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'

Repository:

https://github.com/parth25/pos-react-auth0

clipboard

imgpsh_fullsize_anim (2)

Reproduction

  1. Allow the user session to expire.
  2. Call getAccessTokenSilently to retrieve a new access token.
  3. Observe the error in the console.

Additional context

We are using Universal Login for our Auth0 setup.
This issue appears to be related to the Content Security Policy settings of our Auth0 tenant. The frame-ancestors 'none' directive is preventing the request.

auth0-react version

2.2.4

React version

18.2.0

Which browsers have you tested in?

Chrome, Firefox

@parth25 parth25 added the bug Something isn't working label Jul 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

1 participant