๐Ÿ”ฌ
MAZING World
  • ๐Ÿ‘‹Welcome to MAZING World
  • Overview
    • โœจOur Products
  • Product Guides
    • ๐ŸงŠCreate 3D Model with AI
    • ๐Ÿ“ชUpload Your Own 3D Model
    • ๐Ÿ“ŽUsing a Template
      • ๐Ÿ–ผ๏ธAugmented Reality Art
      • ๐ŸชกVirtual Carpet
      • ๐Ÿ—ƒ๏ธBulk Uploader
    • ๐Ÿ˜ปGlass Try-On
    • ๐ŸงฎCreate 3D Configurator
    • ๐Ÿ“ฆAI Product Visuals
      • ๐Ÿ“ฝ๏ธCreate Silo Renderings
      • ๐Ÿ‘”Create Lifestyle Renderings
      • ๐ŸŽž๏ธCreate AI 3D Videos
    • ๐ŸคฏPremium Features
      • ๐Ÿ–ฅ๏ธTexture Change
      • ๐Ÿ”ญUsing Hotspots
      • ๐ŸŽฅViewer Settings
      • ๐Ÿ‘ฅUsing Shadows
      • ๐Ÿ’ŽDiamond Material
      • ๐Ÿ”ฅFire Particles
      • ๐Ÿ—ฃ๏ธCall To Action
      • ๐ŸŽฌVideo Texture
      • ๐ŸŽบUsing Sound
      • ๐ŸŽž๏ธGif Texture
      • ๐Ÿ’ฑAdvanced Editor
  • INTEGRATION
    • ๐Ÿ˜ŽIFrame On-site
    • ๐Ÿ’ปScript Integration
    • Shopware Plugin
    • ๐ŸŒWordpress
      • ๐ŸคฉWP Script Integration
      • ๐Ÿ”—WP Shortcode Integration
    • ๐ŸงฉShopify
      • Script Integration
    • ๐Ÿ’ซVariant Integration
    • Additional Notes
      • Content-Security Policy
      • iFrame Flags & Setup
  • Project Management
    • ๐Ÿ“Model Feedback
  • ๐Ÿ“คSharepoint
  • Use Cases
    • ๐ŸงFor Designers
    • ๐ŸŽจFor Artists
    • ๐Ÿ“กFor Agencies
    • ๐Ÿ›๏ธFor eCommerce
  • APIs
    • ๐Ÿ‘จโ€๐Ÿ’ปAugmented Reality API
Powered by GitBook
On this page
  • โ—๏ธWhat is this about?
  • โœ… What you need to do
  • ๐Ÿ’ก Example
  • ๐Ÿ“Œ Why is this important?
  1. INTEGRATION
  2. Additional Notes

Content-Security Policy

Did you know... ?

โ—๏ธWhat is this about?

Some websites implement a Content Security Policy โ€“ a browser security feature that controls which domains are allowed to load certain types of content, such as iFrames, scripts, or images.

When our iFrame is embedded on a website without proper allowlisting, it can be blocked by the browser, resulting in an error like:

Refused to frame '' because it violates the following Content Security Policy directive: "frame-src ..."

โœ… What you need to do

If you are seeing this error and our iFrame is not loading correctly, it is likely because your websiteโ€™s CSP is not allowing mazing.link as a valid frame-src domain.

To fix this, you or your developer need to add the following domain to your CSP allowlist:

*.mazing.link

๐Ÿ’ก Example

If your current CSP looks like this:

Content-Security-Policy: frame-src *.google.com;

It should be updated to include:

Content-Security-Policy: frame-src *.google.com *.mazing.link;

๐Ÿ“Œ Why is this important?

Without this change, your browser will refuse to load the 3D/AR iFrame, and your visitors wonโ€™t see the interactive content. This issue often goes unnoticed unless developers check the browser console.

PreviousAdditional NotesNextiFrame Flags & Setup

Last updated 1 day ago