Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Drop CSP frame-ancestor: 'none' if other sources exist
If both 'none' and other values (e.g. 'self') are defined for the frame-ancestor CSP directive, http_csp_value() now drops 'none', which is the default set by MantisBT core, and can only exist by itself. Fixes #26093
- Loading branch information