Open mobilelifeful opened 1 year ago
Hello
Unfortunately, the implementation of X-Frame-Options header and Content Security Policy’s frame-ancestors is deployment dependent and must be implemented in the web server, not as meta tags in the code.
In any case, content security policy is not a set and forget setting, so it's best that this is something you review and declare yourself.
https://observatory.mozilla.org/analyze/hellotham.github.io
Thank you.