blob: 607ad9dd73bfd58aafe0ba8bc6fe58ca4f5ed8de [file] [log] [blame]
CONSOLE ERROR: line 12: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'".
ALERT: PASS: eval() allowed!
CSP report received:
CONTENT_TYPE: application/csp-report
HTTP_REFERER: http://127.0.0.1:8000/security/contentSecurityPolicy/eval-allowed-in-report-only-mode-and-sends-report.php
REQUEST_METHOD: POST
=== POST DATA ===
{"csp-report":{"document-uri":"http://127.0.0.1:8000/security/contentSecurityPolicy/eval-allowed-in-report-only-mode-and-sends-report.php","referrer":"","violated-directive":"script-src","effective-directive":"script-src","original-policy":"script-src 'self' 'unsafe-inline'; report-uri resources/save-report.php?test=eval-allowed-in-report-only-mode-and-sends-report.php","disposition":"report","blocked-uri":"eval","line-number":12,"column-number":13,"source-file":"http://127.0.0.1:8000/security/contentSecurityPolicy/eval-allowed-in-report-only-mode-and-sends-report.php","status-code":200}}