Incorrect Content Security Policy (CSP) Implementation
Severity: Information
Summary #
Netsparker detected that CSP is implemented inside body tag.
Impact #
This usage is not supported and will be ignored by the browsers.
Remediation #
Declare CSP in HTTP headers or with meta tags inside head element instead of body.
Classifications #
CWE-16, ISO27001-A.14.2.5, WASC-15, OWASP 2013-A5, OWASP 2017-A6
Further Reading #
Vulnerability Index
You can search and find all vulnerabilities
Select Category
OR
Search Vulnerability
