Open
Cached
·
just now
4
directives
Content-Security-Policy
Content-Security-Policy: require-trusted-types-for 'script', base-uri 'self';object-src 'none';script-src 'report-sample' 'nonce-NX2rrZ5ojjrHMT_qyrRh-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';report-uri https://csp.withgoogle.com/csp/youtube_main/strict
require-trusted-types-for
Host
—
require-trusted-types-for
Host
—
require-trusted-types-for
Keyword
—
'self'
object-src
Keyword
—
'none'
script-src
Keyword
—
'report-sample'
script-src
Nonce
—
'nonce-NX2rrZ5ojjrHMT_qyrRh-Q'
script-src
Keyword
—
'unsafe-inline'
script-src
Keyword
—
'strict-dynamic'
script-src
Scheme
—
https:
script-src
Scheme
—
http:
script-src
Keyword
—
'unsafe-eval'
Content-Security-Policy-Report-Only
No report-only CSP headers found.