Open
Cached
·
just now
6
directives
Content-Security-Policy
No enforced CSP headers found.
Content-Security-Policy-Report-Only
Content-Security-Policy-Report-Only: default-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src-attr 'unsafe-inline'; style-src-elem https: 'unsafe-inline'; script-src-attr https: 'unsafe-inline'; script-src-elem https: 'unsafe-inline'; report-uri /platform/publishsubscribe/csp_endpoint.php
default-src
Scheme
—
https:
default-src
Scheme
—
data:
default-src
Keyword
—
'unsafe-inline'
default-src
Keyword
—
'unsafe-eval'
style-src-attr
Keyword
—
'unsafe-inline'
style-src-elem
Scheme
—
https:
style-src-elem
Keyword
—
'unsafe-inline'
script-src-attr
Scheme
—
https:
script-src-attr
Keyword
—
'unsafe-inline'
script-src-elem
Scheme
—
https:
script-src-elem
Keyword
—
'unsafe-inline'
report-uri
Host
—