Open bramus opened 9 years ago
The new upgrade-insecure-requests Content Security Policy directive can be used to transparently upgrade insecure resource requests to secure variants. This avoids the mixed content warnings without having to modify the HTML documents at all.
upgrade-insecure-requests
Source: https://dev.opera.com/blog/opera-30/ More details: http://www.w3.org/TR/upgrade-insecure-requests/
The living spec is here: https://w3c.github.io/webappsec/specs/upgrade/ (Don’t link to TR copies)
If you add this, please include an option to disable it for the purposes of scanning.
Source: https://dev.opera.com/blog/opera-30/ More details: http://www.w3.org/TR/upgrade-insecure-requests/