Verify that a suitable X-Frame-Options or Content-Security-Policy: frame-ancestors header is in use for sites where content should not be embedded in a third-party site.

Open spyd3r opened 5 years ago

spyd3r / merlin