The Content-Security-Policy-Report-Only-Pin header field is the mechanism for delivering a pinned policy that the user agent MUST monitor for any resource which is not delivered with a Content-Security-Policy-Report-Only header (as described in the “Pin a policy to response” algorithm). (W3C TR Content Security Policy Pinning)


Return to list of all ( HTTP Header Fields | Web Concepts )