I have enabled the Content Security Policy for my application but after enabling it , I am getting frame-ancestors directive error in browser console.
I tried 'self' and '*' in the box for frame-ancestors but I didn't get success. One more thing whenever I removed gap: and save the changes , gap: automatically added in the box.
Please help me on this, how can I remove this browser console error.
Hi Shailendra,
Have you defined CSP anywhere else inside your applications using <meta> elements?
Because what this error says is, it is not supported to add frame-ancestors an report-uri directives using <meta> elements.
It is true that gap: is automatically added by the platform, because gap: protocol is needed for Cordova Internal API's,
Regards,
Nordin
Nordin Ahdi wrote:
No , I didn't define CSP anaywhere in my application. I just enabled the CSP from the lifetime. You can also re-preduce this issue in local environment. You need to just enable the CSP from the lifetime.
Thanks
I have also enabled the CSP from life time, and published the module to check the behavior. I found it to be working fine, no error is there in console. Also I can see CSP added to the response header.
Are you doing anything different?
Thanks,
Sachin