Open
Cached
·
just now
17
directives
Content-Security-Policy
Content-Security-Policy: default-src 'none'; script-src https://appleseedcdn.apple.com 'nonce-cog946wKrQBFwuWcj2BPIg=='; style-src https://www.apple.com https://appleseedcdn.apple.com 'nonce-cog946wKrQBFwuWcj2BPIg=='; connect-src 'self'; frame-src 'self' https://appleseedcdn.apple.com; base-uri 'none'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; worker-src 'none'; manifest-src 'none'; script-src-attr 'none'; style-src-attr 'none'; upgrade-insecure-requests; font-src https://www.apple.com; img-src https://appleseedcdn.apple.com; report-uri /csp-violations
default-src
Keyword
—
'none'
script-src
Nonce
—
'nonce-cog946wKrQBFwuWcj2BPIg=='
style-src
Nonce
—
'nonce-cog946wKrQBFwuWcj2BPIg=='
connect-src
Keyword
—
'self'
frame-src
Keyword
—
'self'
base-uri
Keyword
—
'none'
form-action
Keyword
—
'self'
frame-ancestors
Keyword
—
'none'
object-src
Keyword
—
'none'
worker-src
Keyword
—
'none'
manifest-src
Keyword
—
'none'
script-src-attr
Keyword
—
'none'
style-src-attr
Keyword
—
'none'
upgrade-insecure-requests
Source
—
(no sources)
report-uri
Host
—
Content-Security-Policy-Report-Only
No report-only CSP headers found.