InCSP,document directives are used in aContent-Security-Policy header and govern the properties of a document orworker environment to which a policy applies.

Document directives don't fall back to thedefault-src directive.

SeeDocument directives for a complete list.

See also

• Related glossary terms:
  • CSP
  • Reporting directive
  • Fetch directive
  • Navigation directive
• Reference
  • Document directives specification
  • upgrade-insecure-requests
  • block-all-mixed-content
  • Content-Security-Policy