Information Security Asked on December 26, 2021
I was recently testing for Clickjacking and when I opened developer tools, I was warning
Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified
Do you guys think it is possible to bypass it, If yes can you share me the further information?
Thank You.
This warning just means that a script was already explicitly trusted by nonce-source
or hash-source
and that the additional unsafe-inline
makes no sense in this context - and thus will be ignored. The warning does not indicate that any bypass could be possible.
Answered by Steffen Ullrich on December 26, 2021
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP