Control Content-Security-Policy Header for SharePoint Pages
With November 2023 cumulative update for SharePoint Server Server the following Content-Security-Policy header was included in the response of http requests: Content-Security-Policy: frame-ancestors ‘self’ teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.powerapps.com *.yammer.com *.officeapps.live.com *.office.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com; This change causes problems for some customers which already have their own Content-Security-Policy response header in […]