Is it possible prevent inline JavaScript on Internet Explorer 11 using CSP on ASP.NET WebForm? I know IE 11 does not support Content Security Policy Level 2 but it seen that support Level 1.0. I tried many way and there is not a clear answer out there. I tried:
- Response.AddHeader("X-Content-Security-Policy", "script-src 'none'");
- Response.AddHeader("X-Content-Security-Policy","script-src 'self'");
- Response.AddHeader("Content-Security-Policy", "script-src 'self'");
it's not working.
Thanks! Albert Torres
Aucun commentaire:
Enregistrer un commentaire