https://shop.bvhse.dk/

back
block-all-mixed-content;
frame-ancestors 'none';
upgrade-insecure-requests;
HighMediumLowInfo
2 2 3 0

Time: a day ago

Source: header

Disposition: enforce

Policies: 1

Total Findings: 7

Scan Results

HIGH
Missing object-src (no default-src)
object-src
HIGH
Missing script-src (no default src)
script
MEDIUM
Missing base-uri
base-uri
MEDIUM
Missing reporting endpoint
report-uri
LOW
Missing form-action
form-action
LOW
Missing 'report-sample'
script-src
LOW
Missing 'report-sample'
style-src
Looking for more tools to make CSP easier?

Csper has the tools to help you understand, deploy and manage your content security policy. Get started in minutes. Report aggregations, classification, analysis, alerting, realtime and more. Free 14 day trial.