Content-Security-Policy Analysis for https://app.displayr.com

Open Cached · just now

4 directives

Content-Security-Policy

Content-Security-Policy: object-src 'none';script-src 'nonce-106ac25206bb469e9c93a9dc7c37a27b' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;base-uri 'none';report-uri /BugCatcher/CspViolation

object-src Keyword —

'none'

script-src Nonce —

'nonce-106ac25206bb469e9c93a9dc7c37a27b'

script-src Keyword —

'unsafe-inline'

script-src Keyword —

'unsafe-eval'

script-src Keyword —

'strict-dynamic'

script-src Scheme —

https:

script-src Scheme —

http:

base-uri Keyword —

'none'

report-uri Host —

/BugCatcher/CspViolation

Content-Security-Policy-Report-Only

No report-only CSP headers found.