We have an web application accessed using https, that uses CSP technology with frames.
The initial 'login' is via a single CSP page, which then redirects to another CSP page which creates the frames (4 in all) and loads a CSP page in each of those. For the most part the frames load without error, but sometimes when logging in and sometimes while using the system ' 5916 Illegal CSP Request ' errors occur.
I say 'login' in inverted commas as a Cache login is not performed just an application login, I don't know if that's relevant so thought I'd mention it.