Content-Security-Policy Analysis for https://idp.dev.texthelp.com

Open Cached · just now

10 directives

Content-Security-Policy

Content-Security-Policy: default-src 'self' https://ajax.aspnetcdn.com/* ; script-src-elem 'self' https://ajax.aspnetcdn.com/ https://cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.12/jquery.validate.unobtrusive.min.js  ;  object-src 'none'; frame-ancestors https://*.texthelp.com; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';style-src 'self' 'sha256-aqNNdDLnnrDOnTNdkJpYlAxKVJtLt9CtFLklmInuUAE=' fonts.googleapis.com; script-src 'self' *.texthelp.com *.dev.texthelp.com; font-src 'self' fonts.gstatic.com; img-src 'self' *.texthelp.com *.dev.texthelp.com *.texthelp.dev *.clarosoftware.com data:,

default-src Keyword —

'self'

default-src Host

Microsoft ASP.NET CDN

https://ajax.aspnetcdn.com/*

script-src-elem Keyword —

'self'

script-src-elem Host

Microsoft ASP.NET CDN

https://ajax.aspnetcdn.com/

script-src-elem Host

Cloudflare CDNJS

https://cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.12/jquery.validate.unobtrusive.min.js

ASN | Cloudflare

object-src Keyword —

'none'

frame-ancestors Host —

https://*.texthelp.com

sandbox Keyword —

allow-forms

sandbox Keyword —

allow-same-origin

sandbox Keyword —

allow-scripts

base-uri Keyword —

'self'

style-src Keyword —

'self'

style-src Hash —

'sha256-aqNNdDLnnrDOnTNdkJpYlAxKVJtLt9CtFLklmInuUAE='

style-src Host

Google Fonts

fonts.googleapis.com

script-src Keyword —

'self'

script-src Host —

*.texthelp.com

script-src Host —

*.dev.texthelp.com

font-src Keyword —

'self'

font-src Host

Google Fonts

fonts.gstatic.com

img-src Keyword —

'self'

img-src Host —

*.texthelp.com

img-src Host —

*.dev.texthelp.com

img-src Host —

*.texthelp.dev

img-src Host —

*.clarosoftware.com

ASN | Microsoft

img-src Host —

data:,

Content-Security-Policy-Report-Only

No report-only CSP headers found.