# | Time Frame | Framing Control | TLS Enforce | Content Control | Third JS Parties | 'unsafe-inline' | http / https / * | data: | Diffs | Normalized Policy |
---|---|---|---|---|---|---|---|---|---|---|
0 |
2017-10-29 - 2017-10-29 |
True |
False |
True |
2 |
True |
False |
False |
0 |
default-src https://*.yahoo.com data: https://*.yimg.com 'self' * blob:; font-src 'self' https://*.yimg.com data: https://*.yahoo.com; frame-ancestors https://*.aol.com https://*.huffingtonpost.com https://*.yahoo.com https://*.techcrunch.com; media-src blob: 'self' https://*.yahoo.com https://*.yimg.com; object-src https://*.yimg.com; report-uri report; script-src https://*.yahoo.com https://*.yimg.com https://*.btrll.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src https://*.yahoo.com https://*.yimg.com 'self' 'unsafe-inline' https://platform.twitter.com; |
1 |
2018-07-30 - END |
False |
False |
False |
0 |
False |
False |
False |
36 |
report-uri report; sandbox allow-popups-to-escape-sandbox allow-forms allow-popups allow-same-origin allow-scripts allow-presentation; |