Article - CS364789

Unable to edit ThingWorx mashups due to Browser Content Security Policy error "Refused to frame 'http://<servername>/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'""

Modified: 29-May-2026

Applies To

ThingWorx Platform 8.5 to 10.1

Description

ThingWorx mashups appear inaccessible due to browser security errors
Unable to see mashups in the Design view preview
Mashup runtime displays correctly when loaded in a separate window outside the Composer

Firefox Developer console shows error:

Content Security Policy: The page’s settings blocked the loading of a resource at https://<servername>/Thingworx/Composer/index.html (“frame-ancestors”)"

Chrome developer tools console shows error:

Refused to frame 'http://<servername>/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".

This is a printer-friendly version of Article 364789 and may be out of date. For the latest version click CS364789

Answers and online help

Support cases and reported issues

Ask the PTC Community

Product Support Home Page

Support services

Trying to solve an issue?

Download software

Licenses

Plan updates and upgrades

Proactive system scans and performance

PTC services and SaaS products

Product guides and references

Product Training

Developer guides and tools

Find a PTC partner

PTC Implementation Services

Answers and online help

Support cases and reported issues

Ask the PTC Community

Product Support Home Page

Support services

Trying to solve an issue?

Download software

Licenses

Plan updates and upgrades

Proactive system scans and performance

PTC services and SaaS products

Product guides and references

Product Training

Developer guides and tools

Find a PTC partner

PTC Implementation Services

Unable to edit ThingWorx mashups due to Browser Content Security Policy error "Refused to frame 'http://<servername>/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'""

Applies To

Description

Knowledge Base Access

Sign In

Sign In

Answers and online help

Support cases and reported issues

Product Support Home Page

Support services

Trying to solve an issue?

Licenses

Plan updates and upgrades

Proactive system scans and performance

PTC services and SaaS products

Product guides and references

Product Training

Developer guides and tools

Answers and online help

Support cases and reported issues

Product Support Home Page

Support services

Trying to solve an issue?

Licenses

Plan updates and upgrades

Proactive system scans and performance

PTC services and SaaS products

Product guides and references

Product Training

Developer guides and tools

Unable to edit ThingWorx mashups due to Browser Content Security Policy error "Refused to frame 'http://<servername>/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'""

Applies To

Description

Flagging content with inappropriate information will hide this article from public view for you and other customers, do you want to continue?

Knowledge Base Access

Sign In