In the safari iframe 14.0 version, My one API is not working/calling and I am getting the error in the console,
Refused to load https://demo.com/admin/auth/login because it does not appear in the frame-ancestors directive of the Content Security Policy.
I am calling one API named admin/auth/login from another API named “home” and I can only debug until the execution is in the home API, once I call return $response->withRedirect($installUrl);
I am unable to debug even the first line of $installUrl and get the CSP error in the console.
Also in all the other browsers, my code is doing absolutely well, Only in mac safari 14.0 my code is not working, and getting errors in the console.
I am working in a Shopify app and in the safari iframe, I am getting this error.
I am stuck in this. Please guide me what are the fixes for this. I have tried putting some headers in .htaccess and in the slim PHP files too but got no luck at all.
If anyone knows about this scenario I would love to hear on this.
Thanks in advance.