Content-Security-Policy-Report-Only Cannot Be Declared Between META Tags
Summary#
Content-Security-Policy-Report-Only cannot be declared between META tags.
Actions To Take#
-
If you want to use one of the CSP in report only mode, you should declare it in response headers.
Classifications#
Invicti Security Insights
- How the BEAST attack works: Reading encrypted data without decryption
- Security tool integration can make or break secure development – ESG report
- New industry study: 70% of teams skip security steps
- What is privilege escalation and why is it important?
- Invicti Survey Reveals Executive Overconfidence in Web Security
Vulnerability Index
You can search and find all vulnerabilities
Select Category
OR
Search Vulnerability
Tags
Related Vulnerabilities
