Full disclosure: I an new to Drupal and am really struggling to get my head around it, so please keep that in mind if answering.
I’m setting up a site on my local dev box. I have to set up a module here, which I have mostly done, but I am getting an error when I trigger the module’s AJAX functions:
[Report Only] Refused to display ‘http://localdev.mysite.com/system/ajax‘ in a frame because an ancestor violates the following Content Security Policy directive: “frame-ancestors ‘none'”.
Looking this up on Google, I see that this is mostly an iframe related error, with the remote server not allowing its content to be embedded.
However, this is neither an iframe, nor from a remote site.
I found this documentation about setting X-Frame-Options: https://www.drupal.org/node/2735873
and so tried adding
$conf['x_frame_options'] = 'SAMEORIGIN';
to my global settings.php file, but this made no difference.
Would anyone know what I could try to get this working?