How to allow CLM integration with OSLC Consumer to work with Content-Security-Policy
Unicom Focal Point integration with CLM is broken with latest 6.0.5 due to Content-Security-Policy, getting Refused to display '<URL for the iFrame>' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' <URL for host2>".
2 answers
Two things you can try:
1. In Firefox, open about:config and set security.csp.enable = false. In Chrome, disable the Content Security Policy (various Chrome plug-ins available).
2. Set the following Advanced Properties:
Jazz Web UI (Ajax Services) >> Prevent clickjacking (X-Frame-Options) >> true
Jazz Web UI (Ajax Services) >> Clickjacking whitelist >> <all servers - e.g. Unicom Focal Point, CLM, etc.>
@paul
it's not working in CLM
Comments
Please open a Case (https://www.ibm.com/mysupport) for IBM Support to investigate this symptom in your environment.