I'm working on an LTI tool integration with Blackboard. When I create a placement for the tool, the following popup shows:
And when I open the tool link, the tool always launches in a new window.
The tool runs on https and doesn't send X-Frame-Options or Content-Security-Policy response headers. I'm using the Developer Virtual Machine for running Blackboard. I'm running Blackboard over http. I also tried running it over https (using the 9877 port) but the above warning still pops up. When I'm running it over https the browser still considers the connection as "Not Secure":
What should I do to make the tool link launch the tool in an iframe?