Allow embedding External Share links in iframes by setting custom Content Security Policy
To set a custom Content Security Policy:
Go to External Share Global Settings.
Switch to the Others tab.
Set allowed domains. You can set multiple domains by separating them with spaces.
NOTE:
"https://*.atlassian.netandhttps://*.external-share.com"are added automatically. You do not need to set them manually.Save changes.
Content-Security-Policy header with passed domains will be added to every response with External Share content.