Content Security Policy (CSP) Keywords Not Used Within Single Quotes
Summary#
Invicti detected that Content Security Policy (CSP) keywords like self, none, unsafe-inline, unsafe-eval were used within single quotes.
Impact#
CSP keywords need to be used within single quotes according to CSP specifications, when not used the keywords will be considered as a part of the resource URL.
Remediation#
Use these keywords within single quotes.
Classifications#
Further Reading#
Vulnerability Index
You can search and find all vulnerabilities
Select Category
OR
Search Vulnerability
Tags
Related Vulnerabilities
