Posted on February 11, 2018 at 6:01 pm
This is a quick post about Content-Security-Policy-Report-Only:
Content-Security-Policy-Report-Only: default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp |
Taken from HTTP headers of https://vimeo.com
To implement it with Nginx use add_header like this:
add_header Content-Security-Policy-Report-Only "default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp"; |
Other Posts
- View All Symlinks in a Directory Tree on Linux
- /etc/init.d/redis-server on Debian 9.5 Stretch
- View Last Time a File was Opened on Debian
- Fix PHP7.0-FPM Installation (Sury.org Packages)
- Server Certificate Verification failed CAfile (apt-get update)
- PDFYeah: Online Cloud-Based PDF Converter
- Create a SOCKS 5 Proxy on Top of a SSH Tunnel on Linux
- Estimate Number of Visitors and Pageviews of any Website
Updated Posts
- Htaccess file for WordPress websites
- How to Create Backups of MySQL via PHP
- Transfer files from a VPS to a FTP web hosting server
- Block Paltalk Ads (and Others) via Hosts file
- E: Sub-process /usr/bin/dpkg returned an error code (2)
- How to Validate JSON in PHP
- The program can’t start because VCRUNTIME140.DLL is missing
- PHP CURL Download Remote URL to File