# | Time Frame | Framing Control | TLS Enforce | Content Control | Third JS Parties | 'unsafe-inline' | http / https / * | data: | Diffs | Normalized Policy |
---|---|---|---|---|---|---|---|---|---|---|
0 |
2017-10-01 - END |
False |
True |
True |
0 |
True |
True |
True |
0 |
block-all-mixed-content; child-src blob: data: https:; connect-src blob: data: https:; default-src data: https: 'unsafe-inline' 'unsafe-eval'; font-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; report-uri report; script-src data: https: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline'; upgrade-insecure-requests; |