Posted on February 11, 2018 at 6:01 pm
This is a quick post about Content-Security-Policy-Report-Only:
Content-Security-Policy-Report-Only: default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp |
Taken from HTTP headers of https://vimeo.com
To implement it with Nginx use add_header like this:
add_header Content-Security-Policy-Report-Only "default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp"; |
Other Posts
- Download Latest Raspbian ISO for Raspberry Pi
- What is Default Raspbian Raspberry Pi Password
- How to Install Pi-Hole on Raspbian for Raspberry Pi
- 3 Cards in a Row with Bootstrap 4.4
- Debug 502 Errors in Google Cloud Load Balancer
- Python if-then-else in one line example
- How to urlencode() an URL in Python3
- Install Required Fonts for Puppeteer
Updated Posts
- How to Disable Hibernation on Windows 10
- Disable Windows Defender on Windows 10 via Regedit
- Install Latest NVIDIA Drivers for Windows 10
- How to improve security of encrypted hard disks
- Get Server IP Address with Ifconfig and IP in Bash
- bash: ipconfig: command not found
- Check if a number is within a range in bash
- Linux Commands to Check HDD from Rescue Mode