do you know any means how to control Content Security Policy (CSP) within PowerApps? I am facing sudden change in behaviour where my script gets blocked. I would like to append the domain the script is communicating with into the list of allowed CSPs. Is it possible to configure somehow?
We are facing a similar issue.
We have embed canvas app in model driven app.
Embed the model drivel app into portal.
When portal is launched, the canas app embed in model driven app is blocked due to content security policy.
Below is the error details.
Failed to load resource: the server responded with a status of 502 ()
Some resources are blocked because their origin is not listed in your site's Content Security Policy (CSP). Your site's CSP is allowlist-based, so resources must be listed in the allowlist in order to be accessed.
A site's Content Security Policy is set either as via an HTTP header (recommended), or via a meta HTML tag.
To fix this issue do one of the following:
Kindly guide and provide inputs on how to solve this .
Hi I am also facing the same issue, using the new powerbi-client-angular package released by Microsoft.
Embeded report in an Angular app then.
The problem seems to be coming from the report side.
Did you have any solution for that?
In my scenario, MS had informed that the canvas app embed in the model driven app works only if its within the CRM and it is blocked when launched via portal.
Since this is not achievable as per Microsoft security policy, we dropped this idea and looked for other options.
Kindly raise ticket with MS and look for solutions. Thanks!
i'm trying to display Share Point site (internal office 365 SP site) with an iframe in model driven app. I'm facing similar issue, it says that CSP block the resource. Did any of you find some solution of how to make it work?
I tried to display it as Html Web resource but it does not look well.
Thank you in advance for the response.
Keep up to date with current events and community announcements in the Power Apps community.
A great place where you can stay up to date with community calls and interact with the speakers.
Check out the latest Community Blog from the community!