Hi @Sahil Shah ,
Thanks for reaching out.
This is expected as Safari does not support the ALLOW-FROM directive.
Instead, you can use the Content-Security-Policy header to control framing. You can set the Content-Security-Policy header to frame-ancestors to allow framing from specific sources.
To allow your Azure AD B2C user interface to be embedded in an iframe, a content security policy
Content-Security-Policy and frame options
X-Frame-Options must be included in the Azure AD B2C HTTP response headers.
Hope this will help.
Please remember to "Accept Answer" if answer helped you.