最終更新:2024-01-05 (金) 06:13:20 (117d)
helmet.contentSecurityPolicy?helmet.contentSecurityPolicy.getDefaultDirectives
Top / helmet.contentSecurityPolicy.getDefaultDirectives
デフォルト
- default-src 'self';
- base-uri? 'self';
- font-src? 'self' https: data:;
- form-action 'self';
- frame-ancestors? 'self';
- img-src? 'self' data:;
- object-src? 'none';
- script-src? 'self';
- script-src-attr? 'none';
- style-src 'self' https: 'unsafe-inline';
- upgrade-insecure-requests?