Open
Cached
·
just now
6
directives
Content-Security-Policy
Content-Security-Policy: script-src 'report-sample' 'nonce-TPmb_e5BDeYT91aoPABkow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';worker-src 'self';report-uri https://csp.withgoogle.com/csp/corplogin/1, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/corplogin
script-src
Keyword
—
'report-sample'
script-src
Nonce
—
'nonce-TPmb_e5BDeYT91aoPABkow'
script-src
Keyword
—
'unsafe-inline'
script-src
Keyword
—
'strict-dynamic'
script-src
Scheme
—
https:
script-src
Scheme
—
http:
script-src
Keyword
—
'unsafe-eval'
object-src
Keyword
—
'none'
base-uri
Keyword
—
'self'
worker-src
Keyword
—
'self'
report-uri
Host
—
report-uri
Keyword
—
'script'
Content-Security-Policy-Report-Only
No report-only CSP headers found.