CSP problems "frame-ancestor: 'self'"

The "frame-ancestor: 'self'" error means that the web-server is not allowing the request URL to be embedded on the domain that tries to embed the URL. This is a web-server Content-security-policy problem.

Luckily there is a solution to solve this by saying:

Webserver a requested URL on domain X (e.g., *.online.tableau.com, any Tableau cloud domain) is allowed to be embedded. 

To achieve you need to add the following configuration to your webserver config:

Replace the "your-tableau-server-domain.com" with your Tableau Server domain!

Example for Nginx (Linux)

# This should be in the "server" block. 
# When only Tableau Cloud needs to be enabled
add_header Content-Security-Policy "frame-ancestors 'self' *.online.tableau.com" always;

# When custom domain for your Tableau Server
add_header Content-Security-Policy "frame-ancestors 'self' *.online.tableau.com your-tableau-server-domain.com" always;

Example for Apache2 (Linux)

<Directory /var/www/html>
  # Only Tableau cloud is enabled with this line
  Header always set Content-Security-Policy "frame-ancestors 'self' *.online.tableau.com" always"

  # When custom domain for your Tableau Server
  Header always set Content-Security-Policy "frame-ancestors 'self' *.online.tableau.com your-tableau-server-domain.com" always"

Windows IIS
Add the following in IIS Manager:
- Open IIS Manager
- Select the Site you need to enable the header for
- Go to "HTTP Response Headers."
- Click "Add" under actions
- Enter name and value and click Ok

Enter the following value, if: 

Tableau Cloud only:

frame-ancestors 'self' *.online.tableau.com always

When Tableau Server domain:

frame-ancestors 'self' *.online.tableau.com your-tableau-server-domain.com" always