Fix Content Security Policy Issues to Strengthen Site Security


What is this warning?

Your page has a Content Security Policy (CSP) configuration issue that could leave your site vulnerable to attacks. CSP is a powerful security feature that helps prevent Cross-Site Scripting (XSS) and other code injection attacks by controlling which resources the browser is allowed to load.


How to Fix It

The Problem

The policy contains a directive that is too permissive or that uses unsafe source expressions such as `'unsafe-inline'` or `'unsafe-eval'`.

The Solution

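Review and tighten your CSP directives. Use nonces or hashes for inline scripts and styles instead of `'unsafe-inline'`. In the example below, `random123` is a placeholder: generate a fresh, unpredictable nonce for every response and put the same value in the `nonce` attribute of each inline `<script>` and `<style>` element you want to allow.

Content-Security-Policy: default-src 'self'; script-src 'self' 'nonce-random123'; style-src 'self' 'nonce-random123'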

Why This Works

A properly configured CSP acts as a strong defense against XSS attacks by ensuring only trusted resources can be loaded and executed on your page.
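
The check described under "The Problem" can be sketched as follows. This is an added example, not Black SEO Analyzer's own code; the names `parseCsp` and `auditCsp` and the sample policies are constructed for illustration. It accounts for two browser behaviours: a missing `script-src` or `style-src` falls back to `default-src`, and `'unsafe-inline'` is ignored when the same directive carries a nonce or hash.

```javascript
// Added example (hypothetical helper names): flag permissive CSP sources.
const HAS_NONCE_OR_HASH = /^'(nonce|sha256|sha384|sha512)-[^']+'$/i;
const BROAD = new Set(["*", "http:", "https:", "data:"]);

// Parse "name src src; name src" into a Map of directive -> source list.
function parseCsp(header) {
  const policy = new Map();
  for (const part of header.split(";")) {
    const [name, ...sources] = part.trim().split(/\s+/);
    const key = name.toLowerCase();
    // Browsers ignore a repeated directive, so the first occurrence wins.
    if (key && !policy.has(key)) policy.set(key, sources);
  }
  return policy;
}

// Return findings such as "script-src: 'unsafe-eval'" for a header value.
function auditCsp(header) {
  const policy = parseCsp(header);
  const findings = [];
  for (const directive of ["script-src", "style-src"]) {
    // A missing script-src or style-src falls back to default-src.
    const sources = policy.get(directive) ?? policy.get("default-src");
    if (sources === undefined) {
      findings.push(`${directive}: unrestricted`);
      continue;
    }
    // With a nonce or hash present, browsers ignore 'unsafe-inline'.
    const guarded = sources.some((s) => HAS_NONCE_OR_HASH.test(s));
    for (const source of sources) {
      const s = source.toLowerCase();
      const risky =
        (s === "'unsafe-inline'" && !guarded) ||
        s === "'unsafe-eval'" ||
        BROAD.has(s);
      if (risky) findings.push(`${directive}: ${s}`);
    }
  }
  return findings;
}

// Constructed sample policies, not taken from a real site.
const WEAK = "default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval'";
const STRICT =
  "default-src 'self'; script-src 'nonce-c2FtcGxl' 'unsafe-inline'; style-src 'self'";
console.log(auditCsp(WEAK));
console.log(auditCsp(STRICT));
```

An empty result means none of these patterns were found in `script-src` or `style-src`; it does not cover other directives.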

SEO Impact

This issue can affect your site's search engine rankings and user experience. Addressing it promptly helps ensure optimal performance and visibility in search results.

Automatic Detection

Black SEO Analyzer automatically checks for this warning during site analysis, along with hundreds of other technical SEO issues.
