Iframe-Embedded url teams Tab App not working




I am trying to embed url in Iframe but it giving me frame violation error.


Please not url already been modified for Content-Security-Policy: frame-ancestors * * as per Tab Requisite

am i missing anything.

Teams Tab App running in teams environment host as ngrok 

4 Replies

@suvi-15 -

The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame>, <iframe> or <object>. Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites.

For More Information:


Prasad Das


If the response is helpful, please click "**Mark as Best Response**" and like it. You can share your feedback via Microsoft Teams Developer Feedback link.

Hi Prasad,
In Custom Team Tab Application in which we host application lets say in Azure... so that azure website url needs to be added in X-Frame-options or Team url?
Hi Prasad,
I read article which you shared and it mentioned that
"The frame-ancestors directive obsoletes the X-Frame-Options header. If a resource has both policies, the frame-ancestors policy SHOULD be enforced and the X-Frame-Options policy SHOULD be ignored."
best response confirmed by suvi-15 (Contributor)



I found the solution for this issue... normally when we create Custom Team Tab Application we host the application somewhere lets say in azure then we need to specify that domain in frame-ancestor.