We use BS embed links to load workspace in an iframe.
If you follow the following steps, you will end up with the error
Refused to frame 'https://client.apps.us.bluescape.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' *.apps.us.bluescape.com teams.microsoft.com *.teams.microsoft.com *.skype.com *.webex.com *.popsync.io popsync.io".