ExamGecko
Home / Adobe / AD0-E716 / Practice Test 1
Ask Question

Adobe AD0-E716 Practice Test 1

Add to Whishlist
00:00:00
Show Answer
Report Issue   Restart test

Question 1 / 40

An Adobe Commerce developer has added an iframe and included a JavaScript library from an external domain to the website. After that, they found the following error in the console:

Refused to frame [URL] because it violates the Content Security Policy directive.

In order to fix this error, what would be the correct policy ids to add to the csp_whitelist.xml file?

frame-src and script-src
frame-src and script-src
default-src and object-src
default-src and object-src
frame-ancestors and connect-src
frame-ancestors and connect-src
Comment (0)
Suggested answer: C
Explanation:

The frame-ancestors directive specifies the domains that are allowed to embed the current page in an iframe. The connect-src directive specifies the domains that are allowed to be loaded by the current page through a <script> tag or XMLHttpRequest.

In this case, the developer has added an iframe that embeds a page from an external domain. The Content Security Policy (CSP) is preventing the iframe from being loaded because the domain of the external page is not listed in the frame-ancestors directive.

To fix this error, the developer needs to add the domain of the external page to the frame-ancestors directive. They can do this by adding the following line to the csp_whitelist.xml file:

<frame-ancestors>https://www.example.com</frame-ancestors>

asked 02/10/2024
Riaan Cilliers
35 questions