Ptt 大爆卦 | CSP script-src - 前往 https://stackoverflow.com/questions/37155270/content-security-policy-csp-safe-usage-of-unsafe-eval

你即將離開本站

並前往https://stackoverflow.com/questions/37155270/content-security-policy-csp-safe-usage-of-unsafe-eval

Content Security Policy (CSP) - safe usage of unsafe-eval?

We use the following CSP header: default-src 'self' *.ourdomain.com; script-src 'self' *.ourdomain.com 'sha256-[..

確定！回上一頁

查詢「CSP script-src」的人也找了：

script-src-elem

content-security-policy

default-src 'self'

script-src unsafe-eval

csp unsafe-inline

script src用法

Unsafe-inline allows the execution of unsafe in page scripts and event handlers

csp style-src sha256