Content-Security-Policy Analysis for https://fignaa.com

Open Cached · just now

5 directives

Content-Security-Policy

Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: ; form-action 'none' ; frame-ancestors 'self' ; script-src 'unsafe-eval' 'unsafe-hashes' 'report-sample'; report-uri /csp_report

No enforced CSP headers found.

Content-Security-Policy-Report-Only

default-src Keyword —

'self'

default-src Keyword —

'unsafe-eval'

default-src Keyword —

'unsafe-hashes'

default-src Keyword —

'unsafe-inline'

default-src Scheme —

data:

default-src Scheme —

blob:

form-action Keyword —

'none'

frame-ancestors Keyword —

'self'

script-src Keyword —

'unsafe-eval'

script-src Keyword —

'unsafe-hashes'

script-src Keyword —

'report-sample'

report-uri Host —

/csp_report