Find more live information in Aikido here: https://app.aikido.dev/queue?sidebarIssue=7034472&groupId=6798&sidebarIssueTask=482645&sidebarTab=tasks
Scope
This task includes issues in the following domain:
TLDR
Content Security Policy (CSP) is a first line of defense against common attacks, including Cross-Site Scripting (XSS) and data injection. These attacks are used for everything from data theft via account takeovers to site defacement or distribution of malware. A CSP configuration lets you declare which content can be loaded and executed, and it is delivered as a standard HTTP response header. You can whitelist JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.
How to fix
Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.
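An added example, not part of the original issue or of Aikido's own code: a Connect/Express-style middleware that sets the header on every response, plus a small audit of a response's headers for a missing or weak policy. The policy values and the names `POLICY`, `buildCsp`, `cspMiddleware`, `parseCsp` and `auditCsp` are assumptions for illustration.

```javascript
// Added example: the policy values below are assumptions, tune them per site.
const POLICY = {
  'default-src': ["'self'"],
  'script-src': ["'self'"],
  'style-src': ["'self'"],
  'img-src': ["'self'", 'data:'],
  'font-src': ["'self'"],
  'frame-src': ["'none'"],
  'object-src': ["'none'"], // blocks applets, ActiveX and other plugins
  'media-src': ["'self'"],
  'base-uri': ["'self'"],
};

// Serialise a directive map into the header value.
function buildCsp(policy) {
  return Object.entries(policy)
    .map(([name, sources]) => `${name} ${sources.join(' ')}`)
    .join('; ');
}

// Connect/Express-style middleware: sets the header on every response.
function cspMiddleware(req, res, next) {
  res.setHeader('Content-Security-Policy', buildCsp(POLICY));
  next();
}

// Parse a header value into { directive: [sources] }; the first duplicate wins.
function parseCsp(value) {
  const out = {};
  for (const part of value.split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/);
    if (name && !(name.toLowerCase() in out)) out[name.toLowerCase()] = sources;
  }
  return out;
}

// Audit response headers (lower-cased names, as Node exposes them).
function auditCsp(headers) {
  const value = headers['content-security-policy'];
  if (!value) return ['missing Content-Security-Policy header'];
  const csp = parseCsp(value);
  const findings = [];
  const scripts = csp['script-src'] || csp['default-src'];
  if (!scripts) findings.push('no script-src or default-src: scripts unrestricted');
  for (const bad of ["'unsafe-inline'", "'unsafe-eval'", '*']) {
    if (scripts && scripts.includes(bad)) findings.push(`script sources allow ${bad}`);
  }
  if (!csp['object-src'] && !csp['default-src']) findings.push('object-src not restricted');
  return findings;
}
```

The same header value can be set at a reverse proxy or load balancer instead; `auditCsp` then works as a regression check against whatever layer emits it.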