Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding support for frame-ancestors #33

Open
JavanXD opened this issue Nov 23, 2020 · 0 comments
Open

Adding support for frame-ancestors #33

JavanXD opened this issue Nov 23, 2020 · 0 comments

Comments

@JavanXD
Copy link

JavanXD commented Nov 23, 2020

First of all - thanks April! It is a very helpful add-on, exactly what I've searched for. I was able to create the policy within only 5 minutes.

The use of the X-Frame-Options header and Content Security Policy’s frame-ancestors directive are a simple and easy way to protect your site against clickjacking attacks.
Reference: Mozilla Web Security Guidelines (X-Frame-Options)

The X-Frame-Options header will be soon obsolete as it is replaced by the frame-ancestors directive.
Can you please add support for this frame-ancestors? The observatory service is already validating if a frame-ancestors directive does exists.
@JavanXD JavanXD changed the title Adding support for 'self'; Adding support for frame-ancestors Nov 23, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@JavanXD