I think this may be a regression. The Content-Security-Policy header needs to be shown in the Security headers section, not in the Entity headers session (which looks for "Content-*").
1 comment
Eric
Posted on:09 Feb 2018 06:00
Similarly, Content-Security-Policy-Report-Only has the same regression.