We value your privacy

We use cookies to enhance your browsing experience, serve personalised ads or content, and analyse our traffic. By clicking "Accept All", you consent to our use of cookies. Read more.

Customise Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorised as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

  • Cookie
    XSRF-TOKEN
  • Duration
    2 hours
  • Description
    This cookie enhances visitor browsing security by preventing cross-site request forgery.
  • Cookie
    intercom-id-*
  • Duration
    8 months 26 days 1 hour
  • Description
    Intercom sets this cookie that allows visitors to see any conversations they've had on Intercom websites.
  • Cookie
    intercom-session-*
  • Duration
    7 days
  • Description
    Intercom sets this cookie that allows visitors to see any conversations they've had on Intercom websites.
  • Cookie
    intercom-device-id-*
  • Duration
    8 months 26 days 1 hour
  • Description
    Intercom sets this cookie that allows visitors to see any conversations they've had on Intercom websites.
  • Cookie
    _GRECAPTCHA
  • Duration
    6 months
  • Description
    Google Recaptcha service sets this cookie to identify bots to protect the website against malicious spam attacks.
  • Cookie
    rc::a
  • Duration
    Never Expires
  • Description
    This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
  • Cookie
    rc::f
  • Duration
    Never Expires
  • Description
    This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
  • Cookie
    rc::c
  • Duration
    session
  • Description
    This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
  • Cookie
    rc::b
  • Duration
    session
  • Description
    This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

  • Cookie
    yt-remote-device-id
  • Duration
    Never Expires
  • Description
    YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
  • Cookie
    ytidb::LAST_RESULT_ENTRY_KEY
  • Duration
    Never Expires
  • Description
    The cookie ytidb::LAST_RESULT_ENTRY_KEY is used by YouTube to store the last search result entry that was clicked by the user. This information is used to improve the user experience by providing more relevant search results in the future.
  • Cookie
    yt-remote-connected-devices
  • Duration
    Never Expires
  • Description
    YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
  • Cookie
    yt-remote-session-app
  • Duration
    session
  • Description
    The yt-remote-session-app cookie is used by YouTube to store user preferences and information about the interface of the embedded YouTube video player.
  • Cookie
    yt-remote-cast-installed
  • Duration
    session
  • Description
    The yt-remote-cast-installed cookie is used to store the user's video player preferences using embedded YouTube video.
  • Cookie
    yt-remote-session-name
  • Duration
    session
  • Description
    The yt-remote-session-name cookie is used by YouTube to store the user's video player preferences using embedded YouTube video.
  • Cookie
    yt-remote-fast-check-period
  • Duration
    session
  • Description
    The yt-remote-fast-check-period cookie is used by YouTube to store the user's video player preferences for embedded YouTube videos.
  • Cookie
    sp_t
  • Duration
    1 year
  • Description
    The sp_t cookie is set by Spotify to implement audio content from Spotify on the website and also registers information on user interaction related to the audio content.
  • Cookie
    sp_landing
  • Duration
    1 day
  • Description
    The sp_landing is set by Spotify to implement audio content from Spotify on the website and also registers information on user interaction related to the audio content.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

  • Cookie
    _omappvp
  • Duration
    1 year 1 month 4 days
  • Description
    The _omappvp cookie is set to distinguish new and returning users and is used in conjunction with _omappvs cookie.
  • Cookie
    _omappvs
  • Duration
    20 minutes
  • Description
    The _omappvs cookie, used in conjunction with the _omappvp cookies, is used to determine if the visitor has visited the website before, or if it is a new visitor.
  • Cookie
    _gcl_au
  • Duration
    3 months
  • Description
    Google Tag Manager sets the cookie to experiment advertisement efficiency of websites using their services.
  • Cookie
    _ga_*
  • Duration
    1 year 1 month 4 days
  • Description
    Google Analytics sets this cookie to store and count page views.
  • Cookie
    _ga
  • Duration
    1 year 1 month 4 days
  • Description
    Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
  • Cookie
    _hjSessionUser_*
  • Duration
    1 year
  • Description
    Hotjar sets this cookie to ensure data from subsequent visits to the same site is attributed to the same user ID, which persists in the Hotjar User ID, which is unique to that site.
  • Cookie
    _hjSession_*
  • Duration
    1 hour
  • Description
    Hotjar sets this cookie to ensure data from subsequent visits to the same site is attributed to the same user ID, which persists in the Hotjar User ID, which is unique to that site.
  • Cookie
    _fbp
  • Duration
    3 months
  • Description
    Facebook sets this cookie to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising after visiting the website.
  • Cookie
    _gh_sess
  • Duration
    session
  • Description
    GitHub sets this cookie for temporary application and framework state between pages like what step the user is on in a multiple step form.

Performance cookies are used to understand and analyse the key performance indexes of the website which helps in delivering a better user experience for the visitors.

  • Cookie
    loglevel
  • Duration
    Never Expires
  • Description
    Squarespace sets this cookie to maintain settings and outputs when using the Developer Tools Console on the current session.

Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.

  • Cookie
    YSC
  • Duration
    session
  • Description
    Youtube sets this cookie to track the views of embedded videos on Youtube pages.
  • Cookie
    VISITOR_INFO1_LIVE
  • Duration
    6 months
  • Description
    YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface.
  • Cookie
    VISITOR_PRIVACY_METADATA
  • Duration
    6 months
  • Description
    YouTube sets this cookie to store the user's cookie consent state for the current domain.
  • Cookie
    yt.innertube::requests
  • Duration
    Never Expires
  • Description
    YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.
  • Cookie
    yt.innertube::nextId
  • Duration
    Never Expires
  • Description
    YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.

Other uncategorised cookies are those that are being analysed and have not been classified into a category as yet.

  • Cookie
    psdb_session
  • Duration
    2 hours
  • Description
    Description is currently not available.
  • Cookie
    patchstack_src
  • Duration
    1 year 1 month 4 days
  • Description
    Description is currently not available.
  • Cookie
    __Secure-ROLLOUT_TOKEN
  • Duration
    6 months
  • Description
    Description is currently not available.
  • Cookie
    _octo
  • Duration
    1 year
  • Description
    No description available.
  • Cookie
    logged_in
  • Duration
    1 year
  • Description
    No description available.
Powered by Cookieyes logo
Skip to content
Patchstack Docs

Missing security headers Permission-Policy or Content-Security-Policy (CSP)

The reason Patchstack does not add these security headers to your site that both of these headers requires very specific manual configuration for them to operate properly.

Permission-Policy
The permission-policy header defines what API features can be used (such as geolocation, microphone, fullscreen, autoplay, payments) on a website, but Patchstack cannot possibly know what your site is about and what API features it uses. Therefore, it requires manual configuration. You can generate the policy for this HTTP security header here https://www.permissionspolicy.com/

Content-Security-Policy (CSP)
The content-security-policy header defines how and what resources can load on your website through any kind of HTML tag. The only way to properly generate this policy is the understand every single resource that is loaded on your site through all HTML tags, including images, scripts (such as Google Analytics), iframes, XHR requests, stylesheets, fonts, objects, videos, forms, and many other HTML tags. Patchstack cannot possibly know all resources that your site calls either locally or from a third-party on all pages that are available on your site. More information can be found here https://content-security-policy.com/

1