Deprecated Header Instruction Used to Implement Content Security Policy (CSP)
Summary#
Invicti detected that a deprecated header instruction such as X-Content-Security-Policy and X-Webkit-CSP is used to implement CSP.
Impact#
This header instruction is deprecated and will not work on most browsers.
Remediation#
Use Content-Security-Policy header instruction instead of these deprecated header instructions:
- X-Content-Security-Policy
- X-Webkit-CSP
Classifications#
Further Reading#
Vulnerability Index
You can search and find all vulnerabilities
Select Category
OR
Search Vulnerability
Tags
Related Vulnerabilities