Default Attribute

self

Policy Description

The HTTP Content-Security-Policy (CSP) frame-ancestors directive specifies valid parents that may embed a page using <frame>, <iframe>, <object>, <embed>, or <applet>.Setting this directive to ‘none’ is similar to X-Frame-Options: deny (which is also supported in older browsers).