It controls which domains, subdomains, and types of resources a browser is allowed to load on a given web page.

Metric | Value |
---|---|
Websites using header X-Content-Security-Policy | 90,486 |
Percentage of websites that use X-Content-Security-Policy header | <0.1% |
Total discovered header values | More than 10,000 |
Header uses directives | No |
Header values are unique or random | No |

Site ranking tier | Websites using the header |
---|---|
Top 10k sites | 119 websites |
Top 100k sites | 627 websites |
Top 1m sites | 3,786 websites |

Header value | Value prevalence |
---|---|
default-src 'self' 'unsafe-inline' | 14.87% |
default-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self' data:; style-src 'self'; | 7.20% |
allow 'self'; | 6.26% |
frame-ancestors 'self' | 6.19% |
default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; | 4.35% |
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self' | 3.39% |
default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; object-src *; style-src * 'unsafe-inline'; img-src * data:; media-src *; frame-src *; font-src * data:; connect-src * | 3.05% |
script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' data: ; object-src 'self' data: ; frame-src 'self' data: ; | 2.25% |
default-src 'self'; img-src *; media-src * data:; | 2.07% |
default-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self' data:; style-src 'self'; reflected-xss block; | 1.89% |
default-src 'self' | 1.66% |
frame-ancestors * | 1.55% |
frame-ancestors https://uscreen.io https://*.uscreen.io https://www.uscreen.tv | 1.35% |
img-src *; media-src * data:; | 1.09% |
default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: *.tile.openstreetmap.org; | 1.05% |
default-src 'self' ;options inline-script eval-script;img-src 'self' data: ; | 0.99% |
default-src 'self' 'unsafe-inline'; | 0.74% |
default-src 'self'; | 0.70% |
default-src 'self'; script-src 'self'; | 0.56% |
default-src 'self' ;options inline-script eval-script;img-src 'self' data: ; | 0.55% |