Integration and Testing

Authorize.Net API questions and help with your payment integration.

Posts: 5
Registered: ‎09-15-2015

Content-Security-Policy Woes

It seems like the latest Chrome update broke our Accept Hosted integration -- opening iFrameCommunicator.html to display the payment method form.


We're now getting the error:


Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.[site].com') does not match the recipient window's origin ('').


Even though content-security policy is set and includes:


frame-ancestors 'self'  *.[site].com *;


I've run verifications on content-security-policy, all is valid there.