You will need to submit a support ticket with Khoros and have them implement it. They need to update your response header settings to include content security policy and include all relevant domains. You can also include an asterisk in your domain to cover any current or future subdomains. *.yourdomain.com and Change from x-frame-options: SAMEORIGIN Change to x-frame-options: ALLOW-FROM https://yourspecificdomain.com Inspect your page in Chrome, switch to the Network Tab, refresh your page, select the active URL from the list and check the settings they have set.
... View more