Posted on February 11, 2018 at 6:01 pm
This is a quick post about Content-Security-Policy-Report-Only:
Content-Security-Policy-Report-Only: default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp |
Taken from HTTP headers of https://vimeo.com
To implement it with Nginx use add_header like this:
add_header Content-Security-Policy-Report-Only "default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp"; |
Other Posts
- PHP Notice: Undefined offset: 1 (Array)
- How to Sleep/Wait/Pause on a NodeJs Function
- How to Run a NodeJs Script
- How to Install a Module/Package/Library in NodeJs
- NodeJs Request.Get Example with Error Handling
- NodeJs HTTPS.Get Example with Error Handling
- How to Find PHP.ini Location
- How to Enable Display of Errors in PHP
Updated Posts
- Detect a failing hard-disk on a Linux server
- Certbot.errors.CertStorageError: expected to be a symlink
- Example hard-disk error logs on a Linux server
- Certbot renew error: Account at does not exist.
- Suspicious online shops from helpandserving@gmail.com
- Nginx Rewrite Rule to Add Slash to The End of Any URL
- Compress Word, Excel and PowerPoint Office Documents
- Download OpenVPN 2.4.7 and TAP-Windows