Fiddler Ideas

The free web debugging proxy for any browser, system or platform.

Content-Security-Policy header misclassified

I think this may be a regression. The Content-Security-Policy header needs to be shown in the Security headers section, not in the Entity headers session (which looks for "Content-*").

  • Eric Lawrence
  • Feb 13 2017
  • Under review
  • Attach files
  • Eric Lawrence commented
    9 Feb, 2018 06:18pm

    Similarly, Content-Security-Policy-Report-Only has the same regression.