Content-Security-Policy-Report-Only analysis
Description
A Content-Security-Policy-Report-Only
(CSPRO) was identified on the target site. CSP-Report-Only headers
aid in determining how to implement a Content-Security-Policy
that does not disrupt use of the target
site.
Remediation
Follow the recommendations to determine if any actions are necessary to harden this Content-Security-Policy-Report-Only
.
After all alerts have been resolved, we recommend that this header be changed to Content-Security-Policy
.
Details
ID | Aggregated | CWE | Type | Risk |
---|---|---|---|---|
16.9 | true | 16 | Passive | Info |