‘self’ vs ‘unsafe-inline’

  • MacGuru

    (@kevinknowdebtorg)


    9 years, 4 months ago

    Trying to refine the policy, I removed ‘unsafe-inline’ from script-src. ‘self’ remains in the policy. Then it started reporting the following:

    Violated Directive Blocked URL Count Action
    script-src           self         6

    It stops when I put ‘unsafe-inline’ back in.

    What am I missing?

The topic ‘‘self’ vs ‘unsafe-inline’’ is closed to new replies.