Symptoms:

  • When initializing the Link UI, you see a grey box instead of the Link UI
  • An error in the browser’s console that says Refused to frame 'https://web.meshconnect.com/' because an ancestor violates the following Content Security Policy directive...

CORS Error

Causes:

  • When using the Link Web SDK in your page, Mesh SDK loads the Link UI using an iFrame component. Due to security reasons, we allow loading the Link UI only on a predefined set of URLs.
  • If you are using a Content Security Policy (CSP) directives on your website, they might block loading an external iFrame into your page.

Troubleshooting:

  • Add your website’s URL to the list of Allowed Link URLs in our dashboard.
  • Add the following CSP directives to your site:
    frame-src: *.getfront.com, *.meshconnect.com

Unable to connect an OAuth integration

Symptoms:

  • When authenticating on a third party integration’s side (e.g., Coinbase or Gemini), the user gets stuck on a page displaying a loading spinner

Causes:

  • Ad-blocking software is not officially supported with Link UI, and some ad-blockers have been known to cause issues with Link.
  • Some browsers have built-in ad-blocking service (Brave Browser) which prevents Link UI from using the browser’s storage.

Troubleshooting:

  • Disable all ad-blockers in your browser