Blocked by Content Security Policy An error occurred during a connection to fr.surveymonkey.com. Firefox prevented this page from loading in this way because
I am in a non-profit organization that is testing a survey on our site using Survey Monkey. I tried a suggestion that I found from a similar situation. I right-clicked on the frame and opened it on another page but this takes me to the main page of the Survey Monkey website not to the specific survey. I am able to open the survey on the site using Explorer and Chrome, neither of which I like to use if I can avoid it.
Here is the entire message:
Blocked by Content Security Policy
An error occurred during a connection to fr.surveymonkey.com.
Firefox prevented this page from loading in this way because the page has a content security policy that disallows it.
Thanks for any help
Svi odgovori (3)
Yes. That is the main page of Survey Monkey. What I need to do is access the actual survey.
Hi Finster, Content Security Policy (or CSP) refers to rules sent by a web page. One of those rules can be that no frames are allowed, or no embedding is allowed.
A page like the survey can instruct browsers not to allow embedding by setting a frame-ancestors policy specifying where the page is allowed to be embedded. SurveyMonkey doesn't mention that you have to give a list of sites allowed to embed the survey in these articles --
- https://www.surveymonkey.com/curiosity/how-to-embed-your-survey-on-a-website/
- https://help.surveymonkey.com/articles/en_US/kb/Website-Collector
-- so they probably aren't blocking embedding on your site intentionally.
If you want to check, you can use Firefox's Network Monitor tool, which is part of the developer tools panel. If there are any Content Security Policy headers, you should be able to see them there.
To open the Network Monitor it the lower part of the tab, you can use either:
- "3-bar" menu button > Web Developer > Network
- (menu bar) Tools > Web Developer > Network
- (Windows) Ctrl+Shift+e
When you reload the page, Firefox should start listing all the files it is requesting. After the SM script loads and runs, Firefox should request the actual embedded survey page. Click that row when it comes up, and a pane should appear on the right with the Headers. If a different section of the panel displays, click Headers. In the "Response Headers" section do you see any Content Security Policy stuff?
If you want to share a link to a page demonstrating the problem, that might be easier.