Open
Cached
·
just now
4
directives
Content-Security-Policy
No enforced CSP headers found.
Content-Security-Policy-Report-Only
Content-Security-Policy-Report-Only: base-uri 'none'; object-src 'none'; script-src 'report-sample' https: 'nonce-MTg2NTI0ODM5LDIwMzY4NzQ3MTA=' 'unsafe-eval' 'strict-dynamic'; report-uri https://csp.canva.com/_cspreport?ro=true&requestId=9e9e35d0fe57d6ad&app=devdocs;
base-uri
Keyword
—
'none'
object-src
Keyword
—
'none'
script-src
Keyword
—
'report-sample'
script-src
Scheme
—
https:
script-src
Nonce
—
'nonce-MTg2NTI0ODM5LDIwMzY4NzQ3MTA='
script-src
Keyword
—
'unsafe-eval'
script-src
Keyword
—
'strict-dynamic'