Content Security Policy (CSP) issue – frame-src ‘self’

If the accessibility widget does not load on your website and the browser console reports a Content Security Policy (CSP) error, the most common cause is a restrictive frame-src directive.

How to identify the issue?

In the browser developer console, you may see an error indicating that frames are only allowed from the same origin (frame-src 'self').

How to fix it?

To allow the accessibility widget to function correctly, update your CSP configuration to include the following domain: wcag.dock.codes

Example CSP configuration: default-src 'self' wcag.dock.codes;
frame-src 'self' wcag.dock.codes;

After applying the changes and refreshing the page, the widget should load correctly. This adjustment maintains a high security level, as it allows content only from a trusted domain responsible for accessibility features.

Others in this category

Blocking scripts when using the Consent Manager plugin

Widget configuration from account not working

Exclusion of DockWCAG from optimization in LiteSpeed Cache

Displaying the correct language version

Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.