Error on Content Security Policy while testing for Clickjacking
Information Security Asked on December 26, 2021
I was recently testing for Clickjacking and when I opened developer tools, I was warning
Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified
Do you guys think it is possible to bypass it, If yes can you share me the further information?
Thank You.
One Answer
This warning just means that a script was already explicitly trusted by nonce-source or hash-source and that the additional unsafe-inline makes no sense in this context - and thus will be ignored. The warning does not indicate that any bypass could be possible.
Answered by Steffen Ullrich on December 26, 2021
Add your own answers!
Ask a Question
Get help from others!
Recent Answers
- Jon Church on Why fry rice before boiling?
- Peter Machado on Why fry rice before boiling?
- Lex on Does Google Analytics track 404 page responses as valid page views?
- Joshua Engel on Why fry rice before boiling?
- haakon.io on Why fry rice before boiling?
Recent Questions
- How can I transform graph image into a tikzpicture LaTeX code?
- How Do I Get The Ifruit App Off Of Gta 5 / Grand Theft Auto 5
- Iv’e designed a space elevator using a series of lasers. do you know anybody i could submit the designs too that could manufacture the concept and put it to use
- Need help finding a book. Female OP protagonist, magic
- Why is the WWF pending games (“Your turn”) area replaced w/ a column of “Bonus & Reward”gift boxes?