Support for the frame-ancestors directive

Support for the frame-ancestors directive
- https://w3c.github.io/webappsec-csp/document/#directive-frame-ancestors
- [OWASP browser list](https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet#Limitations)

Similarly you could highlight X-Frame-Options Header Types
- [OWASP maintains a list](https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet#Browser_Support)
