Content Security Policy (CSP) Nonce Without Matching Script Block

Severity: Information

Invicti detected that the page does not contain any script blocks with the nonce declared in CSP.


Ensure that all the script blocks has a matching nonce. If this nonce is not necessary then remove it from CSP.


Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo