Add multiple trusted sites to allow iFrame

To allow more than one website, perform the steps as shown in Adding a trusted site to allow iFrame.

Procedure

  1. In the HTTP Header Security filter, add a comma separated list of URIs as the antiClickJackingUris value:

    <init-param> <param-name>antiClickJackingUris</param-name> <param-value>http://website-a.com, http://website-b.com:9999 </param-value> </init-param>

  2. In the Content-Security-Policy filter, add the URI to the policy parameter value, separated by a space:

    <init-param> <param-name>policy</param-name> <param-value>frame-ancestors http://website-a.com http://website-b.com 'self' </param-value> </init-param>