CSP, Security headers to allow a web app to be embedded in a native iOS/Android app?
In my embeddable web app, I set the frame-ancestors directive of the CSP to the origins of the web applications where I allow my app to be embedded.
In my embeddable web app, I set the frame-ancestors directive of the CSP to the origins of the web applications where I allow my app to be embedded.