Content-Security-Policy Analysis for https://taskrabbit.com

Open Cached · just now

8 directives

Content-Security-Policy

Content-Security-Policy: default-src * data: 'unsafe-inline' 'unsafe-eval';  script-src * data: 'unsafe-inline' 'unsafe-eval';  connect-src * data: 'unsafe-inline';  img-src * blob: data: 'unsafe-inline';  frame-src * data:;  style-src * data: 'unsafe-inline';  font-src * data: 'unsafe-inline';  frame-ancestors * data:;

default-src Host —

default-src Scheme —

data:

default-src Keyword —

'unsafe-inline'

default-src Keyword —

'unsafe-eval'

script-src Host —

script-src Scheme —

data:

script-src Keyword —

'unsafe-inline'

script-src Keyword —

'unsafe-eval'

connect-src Host —

connect-src Scheme —

data:

connect-src Keyword —

'unsafe-inline'

img-src Host —

img-src Scheme —

blob:

img-src Scheme —

data:

img-src Keyword —

'unsafe-inline'

frame-src Host —

frame-src Scheme —

data:

style-src Host —

style-src Scheme —

data:

style-src Keyword —

'unsafe-inline'

font-src Host —

font-src Scheme —

data:

font-src Keyword —

'unsafe-inline'

frame-ancestors Host —

frame-ancestors Scheme —

data:

Content-Security-Policy-Report-Only

No report-only CSP headers found.