Frame-ancestors content security policy on twitter videos



On twitter videos header, there is a complete content security policy list with different rules. On chrome, there is frame-ancestors *; that allow to play videos on any URL except filesystem (this rule is not present on safari by the way). In my case, I display tweets on a cordova application, so technically in a webview displaying a file system and regarding the content security policy the video will be inacessible.

Strangely I find no complaints about that on internet, I don’t think I am the only guy that try to display tweets on hybrid applications… but this rule doesn’t allow to play twitter video on android while it works on ios. Is there any explinations about this rule? because there is no way I will be able to make the video playable on my application with it.

closed #2

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.