9
Views
1
Comments
Content Security Policies delivered via a  element
Question
Platform Version
11.9.1 (Build 20359)

After apply Content Security Policies, there is a message on browser console:

"Content Security Policies delivered via a <meta> element may not contain the report-uri directive.
Content Security Policies delivered via a <meta> element may not contain the frame-ancestors directive."


Can I apply that out of <meta> element?


Thanks

Rank: #295

Hi Felipe,

Please refer to the following links for the CSP directives you have mentioned, you will find some helpful information about these.

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-uri

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors


It will help you hopefully, Thanks :)