Hey there,
Hope you can help me out. I want to embed an Twitch Player (Live) for my extension (without iframe, but with object).
My first review gave me some hint:
Please ensure your extension is adhering to our Content Security Policies listed here: Life Cycle Management | Twitch Developers
Due to Announcements and Life Cycle Management I had an issue with embed Twitch Player as an extension (its not an iframe!). In the Content Security Policy (CSP) paragraph exists an part of:
(…)
frame-ancestors https://supervisor.ext-twitch.tv https://extension-files.twitch.tv **https://`.twitch.tv** https://
.twitch.tech https://localhost.twitch.tv:
https://localhost.twitch.tech:
http://localhost.rig.twitch.tv:
*`;
(…)
So I expected to embed a Twitch Player as video overlay like this, because “object” is also an frame-ancestors:
<object data="https://player.twitch.tv/?channel=bytethinks&parent=twitch.tv"></object>
It works fine in the Twitch Developer Rig, so I comit this to review. At the review test streaming page from Twitch, the code does not work – against my expectations I got an error:
Refused to load Twitch because it appears in neither the object-src directive nor the default-src directive of the Content Security Policy.
What I’m doing wrong? Or better: How can I make this work?
Thanks! !