Incorrect Content Security Policy (CSP) Implementation
Severity: Information
Summary
Netsparker detected that CSP is implemented inside body tag.
Impact
This usage is not supported and will be ignored by the browsers.
Remediation
Declare CSP in HTTP headers or with meta tags inside head element instead of body.
Classifications
OWASP 2013-A5, OWASP 2017-A6
Further Reading
Vulnerability Index
You can search and find all vulnerabilities
Select Category
OR
Search Vulnerability
Tags
