The "frame-ancestor: 'self'" error means that the web-server is not allowing the request URL to be embedded on the domain that tries to embed the URL. This is a web-server Content-security-policy problem.
Luckily there is a solution to solve this by saying:
Webserver a requested URL on domain X (e.g., *.online.tableau.com, any Tableau cloud domain) is allowed to be embedded.
To achieve you need to add the following configuration to your webserver config:
Replace the "your-tableau-server-domain.com" with your Tableau Server domain!
Example for Nginx (Linux)
# This should be in the "server" block.
# When only Tableau Cloud needs to be enabled
add_header Content-Security-Policy "frame-ancestors 'self' *.online.tableau.com" always;
# When custom domain for your Tableau Server
add_header Content-Security-Policy "frame-ancestors 'self' *.online.tableau.com your-tableau-server-domain.com" always;
Example for Apache2 (Linux)
<Directory /var/www/html>
...
# Only Tableau cloud is enabled with this line
Header always set Content-Security-Policy "frame-ancestors 'self' *.online.tableau.com" always"
# When custom domain for your Tableau Server
Header always set Content-Security-Policy "frame-ancestors 'self' *.online.tableau.com your-tableau-server-domain.com" always"
...
</Directory>
Windows IIS
Add the following in IIS Manager:
- Open IIS Manager
- Select the Site you need to enable the header for
- Go to "HTTP Response Headers."
- Click "Add" under actions
- Enter name and value and click Ok
Enter the following value, if:
Tableau Cloud only:
frame-ancestors 'self' *.online.tableau.com always
When Tableau Server domain:
frame-ancestors 'self' *.online.tableau.com your-tableau-server-domain.com" always