alt Hacker NewsIt states something about "your organisation's security requirements", do they document what requirements cause this rejection page? Some kind if changed default perhaps?
Replies
tyingq • today at 5:23 PM
Maybe not, but I have the feeling Google doesn't like that FF continues to support manifest v2.
➕ show 1 reply
No, this is easily the biggest flaw in CAA - there is no way to discover which policy broke your access. I have reported this to Google multiple times, even sent this directly to a Google SecEng (a well known one) to route internally. The issue persists and makes configuring CAA extremely painful and error prone.