Summary

Acunetix 360 detected that a deprecated header instruction such as X-Content-Security-Policy and X-Webkit-CSP is used to implement CSP.

Impact

This header instruction is deprecated and will not work on most browsers.

Remediation

Use Content-Security-Policy header instruction instead of these deprecated header instructions:

  • X-Content-Security-Policy
  • X-Webkit-CSP

Severity

Information

Classification

CWE-16 ISO27001-A.14.2.5 WASC-15