Does not read Content Security Policy from html meta tag

[Zaita]

When scanning and using HTML meta tag for the CSP, this does not get detected.

[fzipi360]

This is still a problem. Any thoughts here? Can this be checked?

[ScottHelme]

Hi,

We only scan HTTP response headers and not meta tags in the page, this is why the policy will not be picked up!

Cheers,

Scott.