The next iteration of CSP is far enough along to discuss. I'd appreciate it if you'd you give feedback on https://w3c.github.io/webappsec-csp/ :)
@mikewest is there anything regarding interaction between frame-ancestors and X-Frame-Options?
-
-
@tehjh: That will be in https://w3c.github.io/webappsec-csp/document/#directive-frame-ancestors …. Need to copy/paste over from http://www.w3.org/TR/CSP2/#frame-ancestors-and-frame-options …. ( https://github.com/w3c/webappsec-csp/issues/48 … ).Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@tehjh: Basically, if `frame-ancestors` is present, ignore `X-Frame-Options`.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.