Cross Origin for local iframe

Hi, apologies for the newb question, and im sure i have come across this before but cant find it atm. I have an iframe that references a source on my local network from within my Home Assistant. I am getting a CORS error in Sharptools and the iframe is being blocked. Do I need to allow Sharptools in HA somewhere or is this a Sharptools thing?

Are you sure it’s being blocked because of CORS issues and not mixed content issues?

Many modern browsers have started blocking Mixed Content – in other words, they won’t let you embed HTTP content in an HTTPS site (unless you specifically flag it as enabled).

If you’re sure it’s a CORS issue, can you share some more details on what you’re trying so I can better understand?

Yeah think your right. This is the message:

Mixed Content: The page at ‘SharpTools App’ was loaded over HTTPS, but requested an insecure frame ‘
Just tried setting the insecure content in chrome to “allow” but that doesn’t seem to have changed anything.

Check the article I linked above. Chromium based browsers introduce a bug in version 111 that causes the ‘Allow Insecure’ flag to not work. You can work around it by using a

In your case, give the following a try…