Posted on February 11, 2018 at 6:01 pm
This is a quick post about Content-Security-Policy-Report-Only:
Content-Security-Policy-Report-Only: default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp |
Taken from HTTP headers of https://vimeo.com
To implement it with Nginx use add_header like this:
add_header Content-Security-Policy-Report-Only "default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp"; |
Other Posts
- How to Clone a Virtual Machine on VirtualBox via Command-Line
- How to Mount a Shared Folder on VirtualBox Windows Guest
- How to Install VirtualBox Guest Additions on Windows Guest
- Add Shared Folder on VirtualBox VM via Command-Line on Debian
- How to Install a .Deb File on Debian Linux via Command-Line
- Install VirtualBox 6.0 on Debian 10 Buster
- Install Windows 7 Guest on VirtualBox Debian Host (Command-Line)
- Create or Restore a VirtualBox Snapshot on Debian (Command-Line)
Updated Posts
- Run a Program Inside a VirtualBox Guest VM from Host via Command-line
- Disable User Account Control (UAC) in Windows 10
- Get the Output of a Program in a Variable in Bash
- Automatically Renew Let's Encrypt Certificates (Nginx)
- Capture Multiple Line Output Into a Bash Variable
- How to Extract Domain from URL in Bash
- Get Local File Permissions from Command-Line on Linux
- Disable Driver Signature Enforcement on Windows 7 64-bit