Open
Cached
·
just now
15
directives
Content-Security-Policy
No enforced CSP headers found.
Content-Security-Policy-Report-Only
Content-Security-Policy-Report-Only: script-src 'self' 'unsafe-inline' cdn.jsdelivr.net cdnjs.cloudflare.com ajax.googleapis.com js.pusher.com use.fontawesome.com sdk.amazonaws.com app-rsrc.getbee.io loader.getbee.io localhost:3000 localhost:8080 127.0.0.1:3000 127.0.0.1:8080; style-src 'self' 'unsafe-inline' cdn.jsdelivr.net cdnjs.cloudflare.com fonts.googleapis.com; img-src 'self' secure.gravatar.com cartstack.s3.amazonaws.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src 'self' api.cartstack.com ws-us3.pusher.com wss://ws-us3.pusher.com bee-auth.getbee.io bee-utils.getbee.io bee-stats.getbee.io bee-sentry.beefree.io bee-bumper.getbee.io localhost:3000 localhost:8080 ws://localhost:3000 ws://localhost:8080; frame-src 'self' app.getbee.io; default-src 'none'; object-src 'none'; media-src 'self'; worker-src 'self'; manifest-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; report-uri /csp-report.php
script-src
Keyword
—
'self'
script-src
Keyword
—
'unsafe-inline'
script-src
Host
—
script-src
Host
—
script-src
Host
—
script-src
Host
—
style-src
Keyword
—
'self'
style-src
Keyword
—
'unsafe-inline'
img-src
Keyword
—
'self'
font-src
Keyword
—
'self'
font-src
Scheme
—
data:
connect-src
Keyword
—
'self'
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
connect-src
Host
—
frame-src
Keyword
—
'self'
default-src
Keyword
—
'none'
object-src
Keyword
—
'none'
media-src
Keyword
—
'self'
worker-src
Keyword
—
'self'
manifest-src
Keyword
—
'self'
base-uri
Keyword
—
'self'
form-action
Keyword
—
'self'
frame-ancestors
Keyword
—
'self'
report-uri
Host
—