content-security-policy.com
content-security-policy.com copied to clipboard
Link to spec. Show port and path.
In my testing, it seems that if no port is specified, browsers assume 80 (or maybe 443 if the scheme is https, but I didn't try that.) I don't have any official source for that, though.