Wildcard Detected in Scheme Portion of Content Security Policy (CSP) Directive

Severity: Information
Summary#

Invicti detected that wildcard was used in scheme portion of a CSP directive.

Impact#

Wildcard cannot be used in schema. If you use wildcard in schema, it will be ignored by the browsers.

Remediation#

Remove the wildcard from schema.

Classifications#
Invicti

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo