Description | This article describes on 'Penetration test on FortiGate with SSL VPN port(443) open and displays the Content Security Policy as unsafe'. |
Scope | FortiGate v6.x.x -7.2.x. |
Solution |
-The reason for including 'unsafe-xxx', blob, or data file system is certain times issues are seen loading web site or third-party web applications through the SSL VPN portal when it is necessary to load extra sources.
-Reports regarding 'unsafe-eval' and 'unsafe-inline' have already been reported and the developers concluded them to be necessary for the operation of the SSL VPN portal. To avoid function breakage, 'unsafe-eval' and 'unsafe-inline' are still acceptable. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.