Summary

Netsparker detected that multiple CSP declaration types were implemented in the page for backward compatibility.

Impact

Using multiple CSP implementations together might cause CSP directives to not work as intended.

Remediation

Remove these deprecated implementations:

  • X-Content-Security-Policy
  • X-Webkit-CSP
Classifications
OWASP PC-C9
Vulnerability Index

Vulnerability Index

You can search and find all vulnerabilities

Select Category

OR

Search Vulnerability

;
Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO