Posted on February 11, 2018 at 6:01 pm
This is a quick post about Content-Security-Policy-Report-Only:
Content-Security-Policy-Report-Only: default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp |
Taken from HTTP headers of https://vimeo.com
To implement it with Nginx use add_header like this:
add_header Content-Security-Policy-Report-Only "default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp"; |
Other Posts
- Customer emails don't show up in Zendesk
- Get Windows 7, 8, 10 License Information
- Cheapest Alternatives to Mailchimp, Sendinblue, Sendgrid
- Convert InnoSetup EXE Installer to MSI
- Get Serial Number of CPU, RAM, Motherboard, HDD
- Get Number of Intel Processor Cores via Registry
- Zendesk Remove [Business Name] from Email Subject on Ticket Replies
- Best Text-to-Speech (TTS) Web Services with Human Voices
Updated Posts
- Exclude Packages from Apt-Get Upgrade on Debian Linux
- Should I reboot Debian server after apt-get upgrade?
- Download and Install OpenVPN Client on Windows 10
- How to List All Iptables NAT Rules
- How to List INPUT, FORWARD, OUTPUT Iptables Rules
- OpenVPN Iptables Rules
- Parse or Split FTP URL in Delphi XE using TIdURI
- Public FTP Server to Test Upload and Download