Content-Security-Policy

Content-Security-Policy

Sample output #1

<meta http-equiv=โ€Content-Security-Policyโ€
content=โ€
default-src โ€˜selfโ€™ โ€˜unsafe-inlineโ€™;
font-src โ€˜selfโ€™ https://url.com;
style-src โ€˜selfโ€™ โ€˜unsafe-inlineโ€™ https://url.com;
script-src โ€˜selfโ€™ โ€˜sha256-gSAFTnjCZPmQx1AtAQAYIU+/IL04OQhhbGWKojxHtCk=โ€™ https://url.com;
img-src โ€˜selfโ€™ data:; manifest-src โ€˜selfโ€™;
connect-src โ€˜unsafe-inlineโ€™ https://url.com https://url.com;
object-src โ€˜noneโ€™;โ€>

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store