1. Content Security Policy 1.0

    Mitigate cross-site scripting attacks by only allowing certain sources of script, style, and other resources.

  2. Content Security Policy Level 2

    Mitigate cross-site scripting attacks by only allowing certain sources of script, style, and other resources. CSP 2 adds hash-source, nonce-source, and five new directives

  3. cspviolationreportbody api

  4. cspviolationreportbody api: blockedurl

  5. cspviolationreportbody api: columnnumber

  6. cspviolationreportbody api: disposition

  7. cspviolationreportbody api: documenturl

  8. cspviolationreportbody api: effectivedirective

  9. cspviolationreportbody api: linenumber

  10. cspviolationreportbody api: originalpolicy

  11. cspviolationreportbody api: referrer

  12. cspviolationreportbody api: sample

  13. cspviolationreportbody api: sourcefile

  14. cspviolationreportbody api: statuscode

  15. cspviolationreportbody api: tojson

  16. headers http header: csp: content-security-policy

  17. headers http header: csp: content-security-policy: base-uri

  18. headers http header: csp: content-security-policy: block-all-mixed-content

  19. headers http header: csp: content-security-policy: child-src

  20. headers http header: csp: content-security-policy: connect-src

  21. headers http header: csp: content-security-policy: default-src

  22. headers http header: csp: content-security-policy: font-src

  23. headers http header: csp: content-security-policy: form-action

  24. headers http header: csp: content-security-policy: frame-ancestors

  25. headers http header: csp: content-security-policy: frame-src

  26. headers http header: csp: content-security-policy: img-src

  27. headers http header: csp: content-security-policy: manifest-src

  28. headers http header: csp: content-security-policy: media-src

  29. headers http header: csp: content-security-policy: `<meta>` element support

  30. headers http header: csp: content-security-policy: navigate-to

  31. headers http header: csp: content-security-policy: object-src

  32. headers http header: csp: content-security-policy: plugin-types

  33. headers http header: csp: content-security-policy: prefetch-src

  34. headers http header: csp: content-security-policy: referrer

  35. headers http header: csp: content-security-policy: report-sample

  36. headers http header: csp: content-security-policy: report-to

  37. headers http header: csp: content-security-policy: report-uri

  38. headers http header: csp: content-security-policy: require-sri-for

  39. headers http header: csp: content-security-policy: sandbox

  40. headers http header: csp: content-security-policy: script-src

  41. headers http header: csp: content-security-policy: script-src-attr

  42. headers http header: csp: content-security-policy: script-src-elem

  43. headers http header: csp: content-security-policy: strict-dynamic

  44. headers http header: csp: content-security-policy: style-src

  45. headers http header: csp: content-security-policy: style-src-attr

  46. headers http header: csp: content-security-policy: style-src-elem

  47. headers http header: csp: content-security-policy: trusted-types

  48. headers http header: csp: content-security-policy: unsafe-hashes

  49. headers http header: csp: content-security-policy: worker-src

  50. headers http header: csp: content-security-policy: worker support