What is the "CSP allows unsafe-eval" check?

P1 · HighSecurity

CSP allows unsafe-eval

CSP permits eval()

Code: csp_unsafe_eval

CSP permits eval(). Browsers and users expect sites to be secure. Missing protections expose visitors to data theft, phishing, and loss of trust.

HTTPS certificate has expired

Certificate expires in < 7 days

Certificate expires in < 30 days

HTTP does not redirect to HTTPS

HTTPS page loads HTTP resources

Get a complete audit in under 2 minutes. No account required.