Posted on February 11, 2018 at 6:01 pm
This is a quick post about Content-Security-Policy-Report-Only:
Content-Security-Policy-Report-Only: default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp |
Taken from HTTP headers of https://vimeo.com
To implement it with Nginx use add_header like this:
add_header Content-Security-Policy-Report-Only "default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp"; |
Other Posts
- How to List All Iptables NAT Rules
- Parse or Split FTP URL in Delphi XE using TIdURI
- How to Download a File via FTP in Delphi XE
- Public FTP Server to Test Upload and Download
- How to Parse Command-Line Arguments in Bash
- How to Make Iptables Rules Persistent
- Bash Install Iptables-Persistent Automatically
- Route OpenVPN Connections Through Floating IP
Updated Posts
- How to fix "Clickable elements too close together"
- How to fix "Text too small to read"
- Create Custom Rest Endpoints for WP Rest API
- Timestamp URLs for SHA1 SHA256 Code Sign 2021
- PHP Multi-cURL to Run Parallel cURL Requests (Example)
- The following signatures were invalid: EXPKEYSIG B188E2B695BD4743
- Best Clean Monospace Web Fonts 2021
- Add New Path to Delphi 10.4 Sydney on Library Path