I'm running NGINX as a reverse proxy and I4ve set the Content-Security-Policy header and I'm running into problems with some directives.
I get the following errors in the console:
Unrecognized Content-Security-Policy directive 'disown-opener'. Unrecognized Content-Security-Policy directive 'reflected-xss'.
They are set in the following way:
disown-opener; reflected-xss block;
Everything I can find on it is a few years old and doesn't reall offer much information, are these still current or should I just get rid of them?
