Using anchor tags in rendered HTML documents

I am having a difficult time getting anchor tags in HTML rendered by Jupyter to link to other HTML files in a users directory. I am using nginx as my reverse proxy to serve JupyterHub. I’m getting this error when clicking on a link:

Refused to display ‘https://corgiplex.com/user/customer_stylewhere/files/overview.html’ in a frame because an ancestor violates the following Content Security Policy directive: “frame-ancestors ‘self’ https://corgiplex.com”.

Given I see corgiplex host and one of the options in the frame-anscestors policy I’m reaaaally confused why that doesn’t work. Is that not how the CSP works?

I have a stackoverflow question here which will provide more information if needed.

I have tried adding the following configuration:

jupyterhub_config.py

c.JupyterHub.tornado_settings = { 'headers': { 'Content-Security-Policy': "frame-ancestors 'self' https://corgiplex.com"} }

jupyter_notebook_config.py (for the user --> $USER/.jupyter/jupyter_notebook_config.py)

c.NotebookApp.tornado_settings = {
    'headers': {
        'Content-Security-Policy': "frame-ancestors 'self' https://corgiplex.com"
    }
}

I’m pretty confused because it looks like the changes I made should be working based on the error message. Prior to adding the additional configuration the message read Content Security Policy directive: “frame-ancestors ‘self’” so it seems like progress. Likely I’m not understanding the spec :frowning:… any help is appreciated!