Content-Security-Policy: trusted-types one | |
Content-Security-Policy-Report-Only: trusted-types two; report-uri /content-security-policy/resources/dummy-report.php | |
Content-Security-Policy: object-src 'none' | |
Content-Security-Policy: default-src * 'unsafe-inline' | |
Content-Security-Policy: require-trusted-types-for 'script' | |