Navigation directive

CSP navigation directives are used in a Content-Security-Policy header and govern to which location a user can navigate to or submit a form to, for example.

Navigation directives don't fall back to the default-src directive.

List of CSP Navigation directives

Restricts the URLs which can be used as the target of a form submissions from a given context.
Specifies valid parents that may embed a page using <frame>, <iframe>, <object>, <embed>, or <applet>.
Restricts the URLs to which a document can initiate navigation by any means, including <form> (if form-action is not specified), <a>, window.location,, etc.