The number of URLs is increasing for 'CSP: script-src unsafe-inline' and 'CSP: style-src unsafe-inline' after fixing 'CSP: Wildcard Directive'

Hello.
1) I has the next report:
![image](https://github.com/OWASP/owasp.github.io/assets/28634785/75dd9c7f-655f-4238-aac7-a09b39be48d5)
The value of CSP was 
**"default-src 'self'; script-src 'self' cdn.jsdelivr.net 'unsafe-inline'; img-src 'self' validator.swagger.io bootswatch.com getbootstrap.com data:; style-src 'self' cdn.jsdelivr.net 'unsafe-inline'; font-src 'self' cdn.jsdelivr.net data:; connect-src 'self' bootswatch.com;"**
2) I fixed CSP: Wildcard Directive by adding  **form-action 'self'; frame-ancestors 'self'** and received the next report:
![image](https://github.com/zaproxy/zaproxy/assets/28634785/c3c02798-52a3-448b-9645-77f0f4cde9d2)
3) My question is why the number of URLs in **CSP: script-src unsafe-inline** and **CSP: style-src unsafe-inline** was increased? 

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

The number of URLs is increasing for 'CSP: script-src unsafe-inline' and 'CSP: style-src unsafe-inline' after fixing 'CSP: Wildcard Directive' #313

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Uh oh!

The number of URLs is increasing for 'CSP: script-src unsafe-inline' and 'CSP: style-src unsafe-inline' after fixing 'CSP: Wildcard Directive' #313

Description

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions