No Script Block Detected with the Hash Value Declared in Content Security Policy (CSP) | Invicti

Summary #

The hash value in the CSP directive does not match with any hash value of the script blocks in the page.

Classifications #

ISO27001-A.14.2.5; OWASP 2013-A5; OWASP 2017-A6

Further Reading #

Content Security Policy (CSP) Explained

Netsparker Security Insights #

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo