Error Unrecognized Content-Security-Policy directive 'navigate-to' in iframe

Hi, I’m creating a plugin for Jira cloud through Forge and I need to render an external iframe using a URL but I’m getting the error: Unrecognized Content-Security-Policy directive ‘navigate-to’.
I think I have the necessary permissions in the manifest.yml

permissions:
  scopes:
    - 'read:jira-user'
    - 'read:jira-work'
  external:
    frames:
      - 'https://tkbatchserver.com'

I’ve tried to render the { IFrame } tag from ‘@forge/ui’; but I get the error mentioned above

2 Likes

I have the same issue. It would be great if someone could shed some light on it.

I am also seeing this on a custom hosted forge ui app. In my scenario I am not trying to include an external frame. Just the main custom ui is not loading due to this in the console logs

Unrecognized Content-Security-Policy directive ‘navigate-to’

I do have the same issue, and I’m trying to understand why, however if I add the app manually via “…” menu I can see the app on the page.

@Atlassian-Staff any ideas?

I’m also getting this error from the template Jira Issue Action. I get this in the console log:

Unrecognized Content-Security-Policy directive ‘navigate-to’.

This shows it’s coming from this line in my index.html for my customUI app:

which was part of the template.

Any ideas on this one?