Open
Cached
·
just now
6
directives
Content-Security-Policy
No enforced CSP headers found.
Content-Security-Policy-Report-Only
Content-Security-Policy-Report-Only: default-src https: wss: 'self'; script-src https: wss: 'self' 'unsafe-eval' 'unsafe-inline'; style-src https: 'self' 'unsafe-inline'; img-src https: data: 'self'; font-src https: data: 'self'; report-uri /csp-report
default-src
Scheme
—
https:
default-src
Scheme
—
wss:
default-src
Keyword
—
'self'
script-src
Scheme
—
https:
script-src
Scheme
—
wss:
script-src
Keyword
—
'self'
script-src
Keyword
—
'unsafe-eval'
script-src
Keyword
—
'unsafe-inline'
style-src
Scheme
—
https:
style-src
Keyword
—
'self'
style-src
Keyword
—
'unsafe-inline'
img-src
Scheme
—
https:
img-src
Scheme
—
data:
img-src
Keyword
—
'self'
font-src
Scheme
—
https:
font-src
Scheme
—
data:
font-src
Keyword
—
'self'
report-uri
Host
—