default-src ‘self’; img-src *; media-src * data:;
-
We are report only now, but it looks like the plugin is adding this x-content-security-policy: default-src ‘self’; img-src *; media-src * data:; to the header. Yet, we do have some img-src specified. Do the * get removed when we go to enforcing?
Aren’t the X- older style anyhow?
Viewing 4 replies - 1 through 4 (of 4 total)
Viewing 4 replies - 1 through 4 (of 4 total)
- You must be logged in to reply to this topic.
