From 0fc699f61c7d72368c5e111b92d4b8e5bf7eb852 Mon Sep 17 00:00:00 2001
From: Arun S <arun.s@aot-technologies.com>
Date: Tue, 17 Dec 2024 14:51:55 +0530
Subject: [PATCH] [Bugfix] Dashboard display issue with single domain
 configuration fix by changing frame-ancestors to 'self'

---
 redash/settings/__init__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/redash/settings/__init__.py b/redash/settings/__init__.py
index 2784996d88..e1b0ba3a13 100644
--- a/redash/settings/__init__.py
+++ b/redash/settings/__init__.py
@@ -117,7 +117,7 @@
 # for more information. E.g.:
 CONTENT_SECURITY_POLICY = os.environ.get(
     "REDASH_CONTENT_SECURITY_POLICY",
-    "default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval'; font-src 'self' data:; img-src 'self' http: https: data: blob:; object-src 'none'; frame-ancestors 'none'; frame-src redash.io;",
+    "default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval'; font-src 'self' data:; img-src 'self' http: https: data: blob:; object-src 'none'; frame-ancestors 'self'; frame-src redash.io;",
 )
 CONTENT_SECURITY_POLICY_REPORT_URI = os.environ.get("REDASH_CONTENT_SECURITY_POLICY_REPORT_URI", "")
 CONTENT_SECURITY_POLICY_REPORT_ONLY = parse_boolean(