CORS Error "The request client is not a secure context and the resource is in more-private address space" Occurs In The Browser DevTools Console And Embedded Views Cannot Be Displayed

Issue

After pasting the embed code into the webpage, the following Cross-Origin Resource Sharing (CORS) error occurs in the browser DevTools Console and embedded views cannot be displayed.

The request client is not a secure context and the resource is in more-private address space

Environment

Tableau Server
Google Chrome

Resolution

Option 1:
Make sure both the website and Tableau Server are using the HTTPS protocol (SSL or TLS) even though both ends are in a closed network. For more information, see Enabling CORS on Tableau Server for the REST API.

Option 2:
Instead of using embed code (Tableau JavaScript), specify the View URL with <iframe> tag. For more information, see Specify the View URL.

Option 3:
Try other supported browsers. For more information, see Recommended Browser for Tableau Server Visualizations.

Cause

This is a third-part related issue. When accessing private IP addresses, Chrome is requests a secure connection.
Chrome is deprecating access to private network endpoints from non-secure websites as part of the Private Network Access (formerly known as CORS-RFC1918) specification. For more information, please refer to the third-party links below*.
What is Private Network Access
Chrome's plans to enable CORS-RFC1918
*Although we make every effort to ensure links to external websites are accurate, up to date, and relevant, Tableau cannot take responsibility for the accuracy or freshness of pages maintained by external providers. Contact the external site for answers to questions regarding its content.

Additional Information

As a security measure, we suggest always make API calls to Tableau Server using the HTTPS protocol (SSL or TLS). For more information, see Using HTTPS (SSL/TLS) for API Calls.