Wildcard Detected in Scheme Portion of Content Security Policy (CSP) Directive

Severity: Information
Summary#

Invicti detected that wildcard was used in scheme portion of a CSP directive.

Impact#

Wildcard cannot be used in schema. If you use wildcard in schema, it will be ignored by the browsers.

Remediation#

Remove the wildcard from schema.

Classifications#
OR

Search Vulnerability

Tags

CSP

Build your resistance to threats. And save hundreds of hours each month.

Get a demo See how it works