Fiddler Ideas

The free web debugging proxy for any browser, system or platform.

Content-Security-Policy header misclassified

I think this may be a regression. The Content-Security-Policy header needs to be shown in the Security headers section, not in the Entity headers session (which looks for "Content-*").

  • Eric Lawrence
  • Feb 13 2017
  • Needs review
  • Attach files
  • Eric Lawrence commented
    February 09, 2018 18:18

    Similarly, Content-Security-Policy-Report-Only has the same regression.