我的Apache 2.4 Content-Security-Policy标头值如下所示:
Header always set Content-Security-Policy "default-src https:
*.google.com *.gstatic.com *.domain.local *.googleapis.com
cdn.jotfor.ms events.jotform.com; script-src 'unsafe-inline
' *.google.com *.gstatic.com *.domain.local *.googleapis.com
cdn.jotfor.ms events.jotform.com; style-src 'unsafe-inline'
*.google.com *.gstatic.com *.domain.local *.googleapis.
com cdn.jotfor.ms events.jotform.com; img-src 'self' data:
*.google.com *.gstatic.com *.domain.local *.googleapis.com
cdn.jotfor.ms events.jotform.com"
有没有办法整合所有跨指令重复的域声明?
谢谢