Excel
A family of Microsoft spreadsheet software with tools for analyzing, charting, and communicating data.
1,441 questions
Required Domains to be Added in Frame-Ancestors
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 20%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGS%3C/text%3E%3C/svg%3E)
Gelica Sigrid Semillano
5
Reputation points
Hi all,
We have an officejs add-in where we recently added CSP headers to allow iframing to specific domains only by implementing frame-ancestors.
Currently here is a list of our whitelisted domains for the add-in, I just wanted to confirm if we are already able to cover all possible instances and or if we missed out a domain?
"https://*.officeapps.live.com",
"https://*.sharepoint.com",
"https://*.companynamesample.com",
"https://onedrive.live.com"
Apologies if I posted in the wrong channel, used the wrong tags, or if this is a duplicate question. Would greatly appreciate it if you could give me an answer to this or redirect me to the accurate QA page.
Thanks in advance!
Excel
Office Development
Office Development
Office: A suite of Microsoft productivity software that supports common business tasks, including word processing, email, presentations, and data management and analysis.Development: The process of researching, productizing, and refining new or existing technologies.
3,458 questions
{count} votes
-
Gelica Sigrid Semillano 5 Reputation points
2023-05-10T11:08:29.3366667+00:00 Just to add more context into this our add-in application is used in Excel web, and we're planning to release this also in PC/MAC in the future
Sign in to comment