i’m trying to use a 3rd party contact form that is tied into our crm.. but i get a blocked by csp error … here’s the code:
<iframe src=”https://cromey-law-pa.mycase.com/contact_us/ZLiCTD5kjcaDeCN29FYQCH5D” title=”Contact Us Form” style=”border:none;” width=”600″ height=”800″></iframe>
please help… thank you!
It says clearly that it has been removed. Thus why you’re receiving a 404
Hi Steph, I appreciate the quick response but I don’t follow. I am getting a block by CSP error. There are no 404’s. If I right-click on the frame I can open the frame in a new tab and the external page is loading with no issues…
Mea culpa! I just noticed the 404… This is the direct URL they gave me:
Which loads fine…
And this is the unedited iframe:
<iframe src=”https://cromey-law-pa.mycase.com/contact_us/ZLiCTD5kjcaDeCN29FYQCH5D” title=”Contact Us Form” style=”border:none;” width=”600″ height=”800″><!– Specify a width and height by changing the width/height properties of this iframe –></iframe>
- This reply was modified 2 years, 4 months ago by bullseyeseo.
Hey there, I’m on mobile now so can’t post a pic of the 404 that I see. But yeah that file no longer exists. That’s what a 404 means. The source inside the iframe doesn’t exist. Doesn’t matter that their page loaded, the browser is looking for a file.
I just noticed the forum inserted these characters: ” (Escape characters for the quotation) in the Iframe and that was causing the 404… The actual code is correct on the site and is pointed to the proper external contact form.
Those forum posters. How dare they add extra characters. So you’re saying you’re all set? All is well?
Sorry man, doing too many things at once. No, the issue remains. Although, I see your confusion. It seems when I paste the Iframe code the word press forum changes the last quotation mark into an escape code and since it appears on the end of the URL string it is tagging characters onto the URL that are causing the 404.
That is what generated the 404. The actual code is okay and is generating a blocked by CSP error. I pasted the URL above in a prior post on this thread so you can see where the URL is supposed to go…
Thanks for your patience, and your help! I really appreciate it…
Wrap your code inside a code snippet then. That’s the lil button that says CODE.
Click it then paste then click it again
- This reply was modified 2 years, 4 months ago by Stef.
Got it! Sorry, I have not posted to a forum in almost 20 years…
Here’s the inline frame:
<iframe src="https://cromey-law-pa.mycase.com/contact_us/ZLiCTD5kjcaDeCN29FYQCH5D" title="Contact Us Form" style="border:none;" width="600" height="800"><!-- Specify a width and height by changing the width/height properties of this iframe --></iframe>
This is the hyperlink:
So, I’m trying to figure out why you’re needing to add this contact form to any other site.
First, it’s not only a security breach…I’ve never seen a form from someone else’ site used as a iframe. Especially because it’s a security no no.
The form was provided by my client’s law firm CRM service… They want all contacts automatically imported into the CRM – which this apparently does.
Frankly, it’s just a simple contact form not a whole intake form so the value is questionable. They may save 30 seconds on data entry, but mine is not to ask how or why… Etc. etc.
I contacted the CRM provider first and they said ‘it’s a word press error ask them’. Great support! Both the website and the contact form are running under SSL. The website can be found at:
Same problem. I left it online so you can see it if you have time:
Thanks for the help…
- The topic ‘iframe blocked by csp’ is closed to new replies.