A+ CSP Scan

Thank you, Mozilla Observatory CSP Scan, for the A+ scan test score!

2022-05-07

Did you know that some CSP directives are ignored when you set the policy only in an HTML META tag?

X-Frame-Options is ignored when it is not included as a header in the response.

Only allow my site to frame itself:

    Content-Security-Policy: frame-ancestors 'self'
    X-Frame-Options: SAMEORIGIN

We override the default Document in the Next.js web app and set the header with ctx.res.setHeader:

    class CustomDocument extends Document
    ctx.res.setHeader('Content-Security-Policy', generateCSP({ nonce }))
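The header-versus-META point above, as an added example that is not this site's own code: it builds the policy, lists the directives a browser would drop if the same policy were delivered only in a META tag, and audits a response-header map for both framing controls. The body of generateCSP, the directive set, and the helper names lostInMeta, auditFraming and setFramingHeaders are assumptions made for illustration.

```javascript
// Directives a browser drops when the policy arrives via <meta http-equiv> (CSP Level 3).
const HEADER_ONLY = new Set(['frame-ancestors', 'report-uri', 'sandbox']);

// Hypothetical stand-in for the page's generateCSP({ nonce }); the directive set is assumed.
function generateCSP({ nonce }) {
  // Reject anything outside the CSP base64 grammar so the nonce cannot inject directives.
  if (!/^[A-Za-z0-9+\/_-]{16,}={0,2}$/.test(nonce)) throw new Error('invalid nonce');
  const policy = {
    'default-src': ["'self'"],
    'script-src': ["'self'", `'nonce-${nonce}'`],
    'frame-ancestors': ["'self'"], // only allow my site to frame itself
  };
  return Object.entries(policy).map(([name, v]) => `${name} ${v.join(' ')}`).join('; ');
}

// Split a policy string into lower-cased directive names.
function directiveNames(policy) {
  return policy.split(';').map((d) => d.trim().split(/\s+/)[0].toLowerCase()).filter(Boolean);
}

// Directives that would be silently lost if this policy lived only in a META tag.
function lostInMeta(policy) {
  return directiveNames(policy).filter((name) => HEADER_ONLY.has(name));
}

// Check a response-header map for the two framing controls the page sets.
function auditFraming(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v);
  const findings = [];
  if (!directiveNames(h['content-security-policy'] || '').includes('frame-ancestors')) {
    findings.push('frame-ancestors missing from Content-Security-Policy header');
  }
  if (!['DENY', 'SAMEORIGIN'].includes((h['x-frame-options'] || '').trim().toUpperCase())) {
    findings.push('X-Frame-Options header missing or invalid');
  }
  return findings;
}

// Same res.setHeader calls the page makes on ctx.res; nonce must be fresh per response.
function setFramingHeaders(res, nonce) {
  res.setHeader('Content-Security-Policy', generateCSP({ nonce }));
  res.setHeader('X-Frame-Options', 'SAMEORIGIN');
}

// Constructed demo: a minimal response stub and a sample nonce (not a real secret).
const sent = {};
setFramingHeaders({ setHeader: (k, v) => { sent[k] = v; } }, 'Q29uc3RydWN0ZWROb25jZTEyMw==');
console.log(sent, lostInMeta(sent['Content-Security-Policy']), auditFraming(sent));
```

In a real response the nonce comes from a cryptographic random source and is regenerated for every request; the fixed value here exists only so the example runs offline.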

External references

observatory.mozilla.org/analyze/jungno.com

nextjs.org/docs/advanced-features/custom-document