10055-11—CSP: Meta Policy Invalid Directive
PUBLISHEDsecurity alertMedium
Passive
Metadata
摘要
The policy specified via meta element contains either or both the sandbox or frame-ancestors directive, which are not permitted inside meta CSP definitions.
解决方案
Ensure that your web server, application server, load balancer, etc. is properly configured to set the Content-Security-Policy header.