1. Support Center
  2. Issue Definitions
  3. Content security policy: malformed syntax

Content security policy: malformed syntax

Description: Content security policy: malformed syntax

Content Security Policy (CSP) is a security mechanism designed to mitigate cross-site scripting attacks by disabling dangerous behaviours such as untrusted JavaScript execution. Websites can specify their security policy in a response header or meta tag, enabling fine-grained control over dangerous features like scripts and stylesheets.

Remediation: Content security policy: malformed syntax

Using malformed syntax in your policy causes the browser to ignore the directive. Ensure that you use the correct syntax in your policy.

References

Vulnerability classifications

    Typical severity

    Information

    Type index (hex)

    0x00200506

    Type index (decimal)

    2098438

    Burp Scanner

    This issue - and many more like it - can be found using our web vulnerability scanner

    Read more

    Get Burp

    Scan your web application from just $449.00

    Find out more