Open
Cached
·
just now
7
directives
Content-Security-Policy
Content-Security-Policy: script-src 'nonce-PwPA+zc2QmXZyOf3OjDjwVurUGmWHeoWaaTqpjrT0EE=' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:; base-uri 'self'; object-src 'none'; report-uri https://csp.microsoft.com/report/M365AppsAdminServices-Prod; trusted-types cdn-url#srv script-url#webpack cdn-url#flux cdn-url#oneshell safe-xml#oneshell 1DSScriptURL @centro/hvc-loader dompurify html2canvas-feedback MeControlScriptURL 'allow-duplicates'; require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/M365AppsAdminServices-Prod
script-src
Nonce
—
'nonce-PwPA+zc2QmXZyOf3OjDjwVurUGmWHeoWaaTqpjrT0EE='
script-src
Keyword
—
'unsafe-inline'
script-src
Keyword
—
'unsafe-eval'
script-src
Keyword
—
'strict-dynamic'
script-src
Scheme
—
https:
base-uri
Keyword
—
'self'
object-src
Keyword
—
'none'
trusted-types
Host
—
trusted-types
Host
—
trusted-types
Host
—
trusted-types
Host
—
trusted-types
Host
—
trusted-types
Host
—
trusted-types
Host
—
trusted-types
Host
—
trusted-types
Host
—
trusted-types
Host
—
trusted-types
Keyword
—
'allow-duplicates'
require-trusted-types-for
Keyword
—
'script'
Content-Security-Policy-Report-Only
No report-only CSP headers found.