MobileClient supports browser tabs by rendering content in a separate document tab and embedding external content within an iframe on that tab.
Because iframes limit cross-page communication, MobileClient does not support interaction between the application and the embedded external page. To ensure the embedded content displays, the external page must explicitly allow embedding by setting a Content Security Policy (CSP) header. (For details on setting this header, see the MDN documentation on CSP).
