Incorrect Content Security Policy (CSP) Implementation
Severity: Information
Summary #
Netsparker detected that CSP is implemented inside body tag.
Impact #
This usage is not supported and will be ignored by the browsers.
Remediation #
Declare CSP in HTTP headers or with meta tags inside head element instead of body.
Classifications #
CWE-16; ISO27001-A.14.2.5; WASC-15; OWASP 2013-A5; OWASP 2017-A6
Further Reading #
Vulnerability Index
You can search and find all vulnerabilities
Select Category
OR
Search Vulnerability
