content-security-policy
HTTP response header
CSP provides a standard method for website owners to declare approved origins of content that browsers should be allowed to load on that website
Header usage statistics
content-security-policy response header information and usage statistics. | |
---|
Websites using header content-security-policy | 5,182,073 |
Percentage of websites that use content-security-policy header | 6.41% |
Total discovered header values | More than 10,000 |
Header uses directives | Yes |
Header values are unique or random | No |
Most popular in the country | United States |
content-security-policy directives (28 total)
- base-uri
- block-all-mixed-content
- child-src
- connect-src
- default-src
- font-src
- form-action
- frame-ancestors
- frame-src
- img-src
- manifest-src
- media-src
- object-src
- plugin-types
- prefetch-src
- referrer
- report-to
- report-uri
- require-sri-for
- require-trusted-types-for
- sandbox
- script-src
- script-src-attr
- style-src
- style-src-attr
- trusted-types
- upgrade-insecure-requests
- worker-src