Unsupported Hash Detected in Content Security Policy (CSP)

Severity: Information

Invicti detected that an unsupported hashing algorithm was declared in CSP directive.


Browsers do not support this. CSP will not work as expected.


Use one of the following supported hashing algorithms:

  • SHA-256, sha256
  • SHA-384, sha384
  • SHA-512, sha512
Invicti Logo

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo