Pembuat Kebijakan CSP
Buat Content Security Policy dengan mudah
Preset
Impor
Direktif
default-srcDefault fallback for other directives
'self'
script-srcRestricts JavaScript sources
'self''unsafe-inline'
style-srcRestricts CSS sources
'self''unsafe-inline'
img-srcRestricts image sources
'self'https:data:
font-srcRestricts font sources
'self'https:
connect-srcRestricts fetch/XHR/WebSocket connections
'self'https:
frame-ancestorsRestricts parents that can embed this page
'self'
object-srcRestricts plugins (Flash, etc.)
'none'