Evaluating Googles Internal CSP - Base-URI - Noticing Localhost's and :x000 ports
content-security-policy: base-uri 'self'; connect-src 'self'; default-src 'none'; font-src https://fonts.googleapis.com https://fonts.gstatic.com; frame-ancestors https://*.google.com http://*.google.com https://*.proxy.preview.kintaro.goog http://*.proxy.preview.kintaro.goog http://*.c.googlers.com:8082 http://*.c.googlers.com:8080 http://localhost:8082 https://cloud.google.com https://*.proxy.googleprod.com https://*.proxy.googlers.com http://localhost:3000 https://workspace-staging-static-dot-gteam-gsuite-staging.appspot.com https://workspace-staging-static-dot-gteam-gsuite-staging.uc.r.appspot.com; frame-src https://www.google.com/; img-src 'self' https://www.google.com/favicon.ico https://www.gstatic.com/brandstudio/etochat/ https://gweb-eto-chatbot-staging.appspot.com.storage.googleapis.com/ https://ssl.gstatic.com/ ; media-src 'self';
Screenshot: Evaluate for localhost domains and related ports
content-security-policy:
- base-uri 'self';
- connect-src 'self';
- default-src 'none';
- font-src
- https://fonts.googleapis.com
- https://fonts.gstatic.com;
- frame-ancestors:
- https://*.google.com
- http://*.google.com
- https://*.proxy.preview.kintaro.goog
- http://*.proxy.preview.kintaro.goog
- Submitted URL: http://proxy.preview.kintaro.goog/
Effective URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fue.appengine.google.com%2F_ah%2Fconflogin%3Fstate%3D... - http://*.c.googlers.com:8082
- http://*.c.googlers.com:8080
- http://localhost:8082
- https://cloud.google.com
- https://*.proxy.googleprod.com
- https://*.proxy.googlers.com
- http://localhost:3000
- https://workspace-staging-static-dot-gteam-gsuite-staging.appspot.com
- https://workspace-staging-static-dot-gteam-gsuite-staging.uc.r.appspot.com
- frame-src
- https://www.google.com/;
- img-src 'self'
- https://www.google.com/favicon.ico
- https://www.gstatic.com/brandstudio/etochat/
- https://gweb-eto-chatbot-staging.appspot.com.storage.googleapis.com/
- https://ssl.gstatic.com/
- media-src 'self';
- report-uri /api/v1/csp;
- script-src
- 'nonce-v3EpWv0eHT'
- 'strict-dynamic'
- 'unsafe-inline'
- https:
- http:;
- style-src
- 'self'
- 'unsafe-inline'
- https://fonts.googleapis.com
workspace-staging-static-dot-gteam-gsuite-staging.uc.r.appspot.com has address 142.250.185.212
212.185.250.142.in-addr.arpa domain name pointer fra16s52-in-f20.1e100.net
workspace-staging-static-dot-gteam-gsuite-staging.uc.r.appspot.com mail is handled by 5 gmr-smtp-in.l.google.com
workspace-staging-static-dot-gteam-gsuite-staging.uc.r.appspot.com mail is handled by 40 alt4.gmr-smtp-in.l.google.com
workspace-staging-static-dot-gteam-gsuite-staging.uc.r.appspot.com mail is handled by 10 alt1.gmr-smtp-in.l.google.com
workspace-staging-static-dot-gteam-gsuite-staging.uc.r.appspot.com mail is handled by 30 alt3.gmr-smtp-in.l.google.com
workspace-staging-static-dot-gteam-gsuite-staging.uc.r.appspot.com mail is handled by 20 alt2.gmr-smtp-in.l.google.com
host workspace-staging-static-dot-gteam-gsuite-staging.appspot.com
workspace-staging-static-dot-gteam-gsuite-staging.appspot.com has address 142.250.184.244
workspace-staging-static-dot-gteam-gsuite-staging.appspot.com has IPv6 address 2a00:1450:4001:831::2014
workspace-staging-static-dot-gteam-gsuite-staging.appspot.com mail is handled by 20 alt2.gmr-smtp-in.l.google.com.
workspace-staging-static-dot-gteam-gsuite-staging.appspot.com mail is handled by 5 gmr-smtp-in.l.google.com.
workspace-staging-static-dot-gteam-gsuite-staging.appspot.com mail is handled by 40 alt4.gmr-smtp-in.l.google.com.
workspace-staging-static-dot-gteam-gsuite-staging.appspot.com mail is handled by 10 alt1.gmr-smtp-in.l.google.com.
workspace-staging-static-dot-gteam-gsuite-staging.appspot.com mail is handled by 30 alt3.gmr-smtp-in.l.google.com.
reverse DNS: 142.250.184.244
244.184.250.142.in-addr.arpa domain name pointer fra24s12-in-f20.1e100.net.
Comments
Post a Comment
Please feel free to sign up and join the discussion or start one