do I need CSP: frame-ancestors on a redirect page?
We are implementing clickjacking protection on our website as follows:
By default every page on our site has frame-ancestors self
We have a list of pages that are specifically designed to be embeddable in 3rd party apps, so those pages do… Continue reading do I need CSP: frame-ancestors on a redirect page?