-
- Site: [https://owasp.org](https://owasp.org)
**New Alerts**
- **PII Disclosure** [10062] total: 3:
- [https://owasp.org/projects/leaders/](https://owasp.org/projects/leaders/)
- [https:…
-
- Site: [https://lakkanan.shop](https://lakkanan.shop)
**New Alerts**
- **Content Security Policy (CSP) Header Not Set** [10038] total: 1:
- [https://lakkanan.shop](https://lakkanan.shop)
…
-
- Site: [https://dvna-team-1.canadacentral.cloudapp.azure.com](https://dvna-team-1.canadacentral.cloudapp.azure.com)
- Site: [http://dvna-team-1.canadacentral.cloudapp.azure.com](http://dvna-team-1.…
-
I recently deployed nonce support on my site and it makes deploying a strong CSP considerably easier. A lot easier than I thought it was going to be now I've actually done it. One of the other aspects…
-
Relevant spec section: https://svgwg.org/svg2-draft/linking.html#processingURL-fetch
Related Fetch spec issue: https://github.com/whatwg/fetch/issues/1012
It's unclear which request destination fe…
-
- Site: [https://bank.f5labs.dev](https://bank.f5labs.dev)
**New Alerts**
- **Content Security Policy (CSP) Header Not Set** [10038] total: 3:
- [https://bank.f5labs.dev](https://bank.f5labs…
-
Hi
I’m currently working on a phased plan to implement CSP for BBC online (as we’re currently rolling out HTTPS) and have come across an issue for which I have a suggestion - an amendment to the curr…
-
- Site: [https://privategamehost.com:6444](https://privategamehost.com:6444)
**New Alerts**
- **Content Security Policy (CSP) Header Not Set** [10038] total: 3:
- [https://privategamehost.co…
-
- Site: [https://alcs-dev.apps.silver.devops.gov.bc.ca](https://alcs-dev.apps.silver.devops.gov.bc.ca)
**New Alerts**
- **CSP: Wildcard Directive** [10055] total: 4:
- [https://alcs-dev.apps…
-
### Describe the problem
Even though `require-trusted-types-for` seems to be present in the list of CSP directives in the configuration, setting it (to `script`, which is its only value) will actua…