diff --git a/src/PowderCoating.Web/Program.cs b/src/PowderCoating.Web/Program.cs
index 8ff44c1..1d38d5e 100644
--- a/src/PowderCoating.Web/Program.cs
+++ b/src/PowderCoating.Web/Program.cs
@@ -699,7 +699,7 @@ app.Use(async (context, next) =>
         "font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net; " +
         "img-src 'self' data: https:; " +
         $"connect-src {cspConnectSrc}; " +
-        "frame-src https://js.stripe.com https://hooks.stripe.com");
+        "frame-src 'self' https://js.stripe.com https://hooks.stripe.com");
 
     // Referrer Policy - control referrer information
     context.Response.Headers.Append("Referrer-Policy", "strict-origin-when-cross-origin");
diff --git a/src/PowderCoating.Web/Views/Inventory/Index.cshtml b/src/PowderCoating.Web/Views/Inventory/Index.cshtml
index 3f6545c..bed3762 100644
--- a/src/PowderCoating.Web/Views/Inventory/Index.cshtml
+++ b/src/PowderCoating.Web/Views/Inventory/Index.cshtml
@@ -519,7 +519,7 @@
             e.stopPropagation();
             const frame = document.getElementById('qrLabelFrame');
             frame.src = '@Url.Action("Label", "Inventory")/' + itemId + '?embed=true';
-            bootstrap.Modal.getOrCreate(document.getElementById('qrLabelModal')).show();
+            bootstrap.Modal.getOrCreateInstance(document.getElementById('qrLabelModal')).show();
         }
 
         // Make table rows clickable