Content-Security-Policy Analysis for https://deidemlav.com

Open Cached · just now

12 directives

Content-Security-Policy

Content-Security-Policy: upgrade-insecure-requests; default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; connect-src 'self' data: blob:; form-action 'self'; img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; font-src * data:; object-src *; media-src *; frame-src *; worker-src blob:;

upgrade-insecure-requests Source —

(no sources)

default-src Host —

default-src Keyword —

'unsafe-inline'

default-src Keyword —

'unsafe-eval'

default-src Scheme —

data:

default-src Scheme —

blob:

connect-src Keyword —

'self'

connect-src Scheme —

data:

connect-src Scheme —

blob:

form-action Keyword —

'self'

img-src Host —

img-src Scheme —

data:

script-src Host —

script-src Keyword —

'unsafe-inline'

script-src Keyword —

'unsafe-eval'

style-src Host —

style-src Keyword —

'unsafe-inline'

font-src Host —

font-src Scheme —

data:

object-src Host —

media-src Host —

frame-src Host —

worker-src Scheme —

blob:

Content-Security-Policy-Report-Only

No report-only CSP headers found.