frame -src: 僅允許來自www.w3schools.com 及本身來源. script-src: 允許inline script. header("Content-Security-Policy: default-src 'self';img-src ...
確定! 回上一頁