Closed
Bug 1343934
Opened 7 years ago
Closed 7 years ago
x-frame-options should be ignored if CSP frame-ancestors directive is present
Categories
(Core :: DOM: Security, defect)
Core
DOM: Security
Tracking
()
RESOLVED
DUPLICATE
of bug 1024557
People
(Reporter: bkelly, Unassigned)
Details
Spec for CSP v2: https://www.w3.org/TR/CSP2/#frame-ancestors-and-frame-options Test from blink repo that could be upstreams: https://cs.chromium.org/chromium/src/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-overrides-xfo.html?sq=package:chromium&q=frame-ancestors-and-x-frame&l=11
Updated•7 years ago
|
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•