have iframed a website with the below widget iframe code on the Embedded Widgets app in Freshsales:
<iframe src="[https://aviato.mindtickle.com](https://aviato.mindtickle.com/)" width="100%" height="1000" frameborder="0"></iframe>
However, I am unable to access the site due to the error-
Refused to frame 'https://aviato.mindtickle.com/' because an ancestor violates the following Content Security Policy directive
I have added *.myfreshworks.com in the CSP header which should work given that the ancestor domain is myfreshworks.com for Freshsales.
The response to the query from app developer was -
The custom app simply just displays the iframe and does not have any control over blocking iframes.
The product (freshsales and all freshworks products) blocks some iframes due to security reasons and there is no document/information available detailing the same.
Kindly reach out to Freshworks support so that they can contact their product team to check why this iframe is being blocked.
Whats the solution here? How can I get my iframe working in freshsales?