AuthEndpoint.HasContentSecurityPolicy

Authorization page has Content Security Policy

This test determines whether the authorization endpoint uses a content security policy to avoid framing of the authorization page.

View source code on GitHub

Documents

This test is part of the following document(s):

• OAuth 2.0 Security Best Current Practice (draft 25) (SecBCP), section 4.15 (should)

Back to the test case overview or the threat overview