Diffstat (limited to 'doc/user/application_security/dast/checks/16.8.md')
-rw-r--r-- | doc/user/application_security/dast/checks/16.8.md | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/doc/user/application_security/dast/checks/16.8.md b/doc/user/application_security/dast/checks/16.8.md index 07bd2a6842f..b8faef75de7 100644 --- a/doc/user/application_security/dast/checks/16.8.md +++ b/doc/user/application_security/dast/checks/16.8.md @@ -8,12 +8,13 @@ info: To determine the technical writer assigned to the Stage/Group associated w ## Description -A `Content-Security-Policy` (CSP) was identified on the target site. CSP can aid in hardening -a website against various client side attacks such as Cross-Site Scripting (XSS). +A missing or invalid `Content-Security-Policy` (CSP) was identified on the target site. CSP can aid in +hardening a website against various client side attacks such as Cross-Site Scripting (XSS). ## Remediation -Follow the recommendations to determine if any actions are necessary to harden this `Content-Security-Policy`. +If the target site is missing a CSP, please investigate the relevant URLs for enabling CSP. Otherwise, +follow the recommendations to determine if any actions are necessary. ## Details |
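Review bot: In the new Remediation text, "please investigate the relevant URLs for enabling CSP" does not tell the reader which URLs are meant or what action to take on them. State the action directly, for example "If the target site is missing a CSP, add a `Content-Security-Policy` response header to the affected URLs", and drop "please". The "Otherwise" sentence also lost the phrase "to harden this `Content-Security-Policy`", so "any actions are necessary" no longer says what the actions are for. The Description now covers a "missing or invalid" policy, but Remediation only separates missing from everything else, so it is worth naming the invalid case explicitly. Minor: "client side attacks" in the reworded Description line should be hyphenated as "client-side".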