Duplicate headers
-
X-Content-Type-Options There was a duplicate X-Content-Type-Options header.
X-Frame-Options There was a duplicate X-Frame-Options header.
Permissions-Policy There was a duplicate Permissions-Policy header.
Strict-Transport-Security There was a duplicate Strict-Transport-Security header.I recieve this when i check the csp on https://securityheaders.com/
Any idea of a fix?HTTP/2 200 server nginx date Tue, 11 Oct 2022 10:30:32 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=63072000; includeSubDomains; preload x-xss-protection 1; mode=block x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin expect-ct max-age=7776000, enforce content-security-policy report-uri https://brandstart.ie x-frame-options SAMEORIGIN permissions-policy accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=* sg-f-cache BYPASS x-xss-protection 1; mode=block expect-ct max-age=7776000, enforce access-control-allow-origin null access-control-allow-methods GET,PUT,POST,DELETE access-control-allow-headers Content-Type, Authorization x-content-security-policy img-src *; media-src * data:; x-content-type-options nosniff content-security-policy report-uri https://brandstart.ie referrer-policy strict-origin-when-cross-origin cross-origin-embedder-policy-report-only unsafe-none; report-to="default" cross-origin-embedder-policy unsafe-none; report-to="default" cross-origin-opener-policy-report-only same-origin; report-to="default" cross-origin-opener-policy same-origin-allow-popups; report-to="default" cross-origin-resource-policy cross-origin x-frame-options SAMEORIGIN permissions-policy accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), document-domain=(), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=(), gamepad=(), serial=(), window-placement=() feature-policy display-capture 'self' x-permitted-cross-domain-policies none x-cache-enabled True strict-transport-security max-age=63072000; includeSubDomains; preload link <https://brandstart.ie/wp-json/>; rel="https://api.w.org/" link <https://brandstart.ie/wp-json/wp/v2/pages/394>; rel="alternate"; type="application/json" link <https://brandstart.ie/>; rel=shortlink x-httpd-modphp 1 host-header 6b7412fb82ca5edfd0917e3957f05d89 x-proxy-cache MISS x-proxy-cache-info 0 NC:000000 UP: content-encoding gzip
Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
- The topic ‘Duplicate headers’ is closed to new replies.