observe_content_security_header(Default, Acc, Context)

Check and possibly modify the http response security headers All headers are in lowercase.

Type:

first

Return:

#content_security_header{} properties:

  • child_src: list

  • connect_src: list

  • default_src: list

  • font_src: list

  • frame_src: list

  • img_src: list

  • manifest_src: list

  • media_src: list

  • object_src: list

  • script_src: list

  • script_src_elem: list

  • script_src_attr: list

  • style_src: list

  • style_src_elem: list

  • style_src_attr: list

  • worker_src: list

  • base_uri: list

  • sandbox: list

  • frame_ancestors: list

  • form_action: list

  • report_to: list

Edit on GitHub