frame-src is not deprecated
kevna opened this issue · 2 comments
kevna commented
The site says that frame-src is deprecated in favour of child-src when this is not the case
According to the W3C child-src is deprecated in favour of frame-src and worker-src
W3C: https://w3c.github.io/webappsec-csp/#directive-child-src
john-harding commented
Just saw this as well. While frame-src was originally deprecated in favor of child-src, this was reversed.
pfreitag commented
Fixed