I am developing a Kibana plugin and named it test-3. This is the content of kibana/plugins/test_3/public/components/main/main.js
:
import React from 'react';
export class Main extends React.Component {
constructor(props) {
super(props);
this.state = {};
}
componentDidMount() {
/*
FOR EXAMPLE PURPOSES ONLY. There are much better ways to
manage state and update your UI than this.
*/
const { httpClient } = this.props;
httpClient.get('../api/test3/example').then((resp) => {
this.setState({ time: resp.data.time });
});
}
render() {
const { title } = this.props;
return (
<iframe src="https://ai.query.ai"></iframe>
);
}
}
And i opened the Chrome and go to http://localhost:5601/vpr/app/test_3. It's failed to load https://ai.query.ai
and giving error: Refused to frame 'https://ai.query.ai/' because it violates the following Content Security Policy directive: "child-src blob:". Note that 'frame-src' was not explicitly set, so 'child-src' is used as a fallback.
:
I think the iframe is failed to use is because of the content security policy. I wonder what should i do to make iframe works in this scenario? Thanks!!