Content-Security-Policy Analysis for https://make.gov.powerapps.us

Open Cached · 12h ago

11 directives

Content-Security-Policy

Content-Security-Policy: report-uri https://csp.microsoft.com/report/PPUX-Hosting-Gov;

report-uri Host —

https://csp.microsoft.com/report/PPUX-Hosting-Gov

ASN | Microsoft

Content-Security-Policy-Report-Only

Content-Security-Policy-Report-Only: frame-ancestors 'self' https://*.powerapps.us https://*.powerva.microsoft.us https://teams.microsoft.com https://teams.cloud.microsoft https://make.gov.powerautomate.us https://*.sharepoint.us; style-src 'self' 'unsafe-inline' https://*.content.powerapps.us https://*.static.powerapps.us https://*.services.microsoft.com; manifest-src 'self'; frame-src https://athena-ui-gcc.usgovtrafficmanager.net https://amcdn.msftauth.net https://*.access.mcas-gov.ms https://*.dynamics.com https://*.powerbigov.us https://app.powerbi.com https://*.powerapps.us https://*.powerautomate.us https://*.microsoft.us https://*.office.com https://*.outlook.com https://*.msecdn.net https://*.msftauth.net https://aka.ms https://login.microsoftonline.com https://www.youtube.com; img-src 'self' blob: data: *; font-src 'self' https://*.cdn.office.net https://*.content.powerapps.us https://*.microsoft.com https://*.sharepointonline.com https://*.static.powerapps.us https://content.powerapps.us https://fonts.gstatic.com https://static.powerapps.com https://use.typekit.net/ https://vsa.services.microsoft.com data:; script-src 'self' blob: 'unsafe-eval' https://*.azure.com https://*.cdn.office.net https://*.microsoft.com https://*.msftauth.net https://*.office365.com https://*.powerapps.us https://login.microsoftonline.com https://make.gov.powerapps.us https://www.youtube.com 'sha256-auhCsXTFXyKg34IjknYGT1rv+EhY9e6bNuJ/lKUAFGs=' 'sha256-HJxn72LTLJMPGsE+oNGolGTmMzipPKn6pEgaGJHBVeA=' 'sha256-VhcgSeBujCDag+bF4oyOfnSw79qxqCElyWBHuHYTnio=' 'sha256-Y8ROvxe2EtM+CP6juXdpZrzRfG2REm4jAfvSebn7pGU='; connect-src 'self' blob: data: https://*.microsoft.us https://*.powerapps.us https://*.azure-apihub.us https://*.azure.com https://*.azure.us https://*.blob.core.windows.net https://*.botframework.com https://*.clarity.ms https://*.cloud.microsoft https://*.crm.dynamics.com https://*.dynamics.com https://*.live.com https://*.microsoft.com https://*.microsoftcloud.com https://*.microsoftonline.com https://*.msedge.net https://*.msn.com https://*.office.com https://*.office.net https://*.office365.com https://*.skype.com https://vsa.services.microsoft.com https://*.augloop.svc.cloud.microsoft https://augloop.svc.cloud.microsoft https://api.gov.powerplatformusercontent.microsoft.us https://*.api.gov.powerplatformusercontent.microsoft.us https://*.augloop.svc.cloud.dev.microsoft https://*.gcc.augloop.svc.cloud.microsoft https://*.augloop-gcc.office.com wss://*.azure.us wss://*.powerapps.us wss://*.augloop.cloud.microsoft wss://*.gcc.augloop.svc.cloud.microsoft wss://*.augloop-gcc.office.com; default-src 'self' https://*.powerapps.us; report-uri https://csp.microsoft.com/report/PPUX-Hosting-Gov;

frame-ancestors Keyword —

'self'

frame-ancestors Host —

https://*.powerapps.us

ASN | Microsoft

frame-ancestors Host —

https://*.powerva.microsoft.us

frame-ancestors Host —

https://teams.microsoft.com

ASN | Microsoft

frame-ancestors Host —

https://teams.cloud.microsoft