Content-Security-Policy Analysis for https://app.atlas.so

Open Cached · just now

12 directives

Content-Security-Policy

Content-Security-Policy: default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; worker-src * blob:; style-src * 'unsafe-inline'; font-src * data:; img-src * data: blob:; media-src * data:; connect-src * blob:; frame-src *; object-src 'none'; base-uri *; form-action *;

default-src Host —

script-src Host —

script-src Keyword —

'unsafe-inline'

script-src Keyword —

'unsafe-eval'

worker-src Host —

worker-src Scheme —

blob:

style-src Host —

style-src Keyword —

'unsafe-inline'

font-src Host —

font-src Scheme —

data:

img-src Host —

img-src Scheme —

data:

img-src Scheme —

blob:

media-src Host —

media-src Scheme —

data:

connect-src Host —

connect-src Scheme —

blob:

frame-src Host —

object-src Keyword —

'none'

base-uri Host —

form-action Host —

Content-Security-Policy-Report-Only

No report-only CSP headers found.