After apply Content Security Policies, there is a message on browser console:
"Content Security Policies delivered via a <meta> element may not contain the report-uri directive.Content Security Policies delivered via a <meta> element may not contain the frame-ancestors directive."
Can I apply that out of <meta> element?
Thanks
Hi Felipe,
Please refer to the following links for the CSP directives you have mentioned, you will find some helpful information about these.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-uri
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors
It will help you hopefully, Thanks :)