diff --git a/appveyor.yml b/appveyor.yml index 16b671e..2470d71 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -14,7 +14,7 @@ build_script: dotnet pack src\HardHat\HardHat.csproj --configuration Release --output ..\..\output /p:Version=0.0.1-build-$env:APPVEYOR_BUILD_NUMBER } test_script: -- ps: dotnet test src\HardHat.UnitTests\HardHat.UnitTests.csproj +- ps: dotnet test src\HardHat.UnitTests\HardHat.UnitTests.csproj /p:CollectCoverage=true /p:CoverletOutputFormat=opencover artifacts: - path: output\**.nupkg deploy: diff --git a/src/HardHat/Builders/ContentSecurityHeaderBuilder.cs b/src/HardHat/Builders/ContentSecurityHeaderBuilder.cs index 5bc978d..b7cd304 100644 --- a/src/HardHat/Builders/ContentSecurityHeaderBuilder.cs +++ b/src/HardHat/Builders/ContentSecurityHeaderBuilder.cs @@ -13,6 +13,10 @@ namespace HardHat.Builders { throw new ArgumentNullException(nameof(policy)); } + if(policy.DefaultSrc.Count > 0 && policy.DefaultSrc.Contains(CSPConstants.None)) + { + //todo throw exception in this case + } if (policy.DefaultSrc != null && policy.DefaultSrc.Count > 0) { stringBuilder.Append(Constants.CSPDirectives.DefaultSrc); @@ -91,6 +95,10 @@ namespace HardHat.Builders stringBuilder.Append(Constants.CSPDirectives.PluginTypes); stringBuilder.Append($" {string.Join(" ", policy.PluginTypes)}; "); } + if(policy.UpgradeInsecureResponse) + { + stringBuilder.Append($"{Constants.CSPDirectives.UpgradeInsecureRequests}; "); + } return stringBuilder.ToString().TrimEnd(); } } diff --git a/src/HardHat/Constants.cs b/src/HardHat/Constants.cs index 70bb58f..57119c7 100644 --- a/src/HardHat/Constants.cs +++ b/src/HardHat/Constants.cs @@ -52,6 +52,7 @@ internal const string FormAction = "form-action"; internal const string FrameAncestors = "frame-ancestors"; internal const string PluginTypes = "plugin-types"; + internal const string UpgradeInsecureRequests = "upgrade-insecure-requests"; } } } 
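Review bot: The added guard in ContentSecurityHeaderBuilder.cs reads `policy.DefaultSrc.Count` before the null check that the very next statement performs (`policy.DefaultSrc != null && ...`), so a policy with a null DefaultSrc now throws a NullReferenceException where it was previously skipped. The condition also matches a list whose only entry is 'none', which is a valid and maximally restrictive default-src; the case to reject is 'none' mixed with other sources, e.g. `if (policy.DefaultSrc != null && policy.DefaultSrc.Count > 1 && policy.DefaultSrc.Contains(CSPConstants.None))`. With the body left as a todo, such a mixed list is still emitted, and browsers generally ignore 'none' when other sources are present, so the header ends up looser than the author probably intended; throwing an `ArgumentException` here would surface that when the header is built. The enclosing method starts and ends outside this hunk.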
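Review bot: The new `if(policy.UpgradeInsecureResponse)` block appends the directive without regard to `OnlySendReport`, and as far as I know browsers ignore `upgrade-insecure-requests` when the policy is delivered in report-only mode. Whether this builder's output is also used for the report-only header is not visible in the hunk, so that needs confirming. If it is, either skip the directive in that mode or add a comment such as `// upgrade-insecure-requests has no effect in a report-only policy`, so nobody assumes the upgrade is active. The method body begins outside the hunk.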
diff --git a/src/HardHat/ContentSecurityPolicy.cs b/src/HardHat/ContentSecurityPolicy.cs index 4b30854..c55014d 100644 --- a/src/HardHat/ContentSecurityPolicy.cs +++ b/src/HardHat/ContentSecurityPolicy.cs @@ -68,5 +68,7 @@ namespace HardHat /// public bool OnlySendReport { get; set; } = false; + public bool UpgradeInsecureResponse { get; set; } = false; + } } diff --git a/src/HardHat/ContentSecurityPolicyBuilder.cs b/src/HardHat/ContentSecurityPolicyBuilder.cs index 438e49a..c684f89 100644 --- a/src/HardHat/ContentSecurityPolicyBuilder.cs +++ b/src/HardHat/ContentSecurityPolicyBuilder.cs @@ -204,6 +204,11 @@ namespace HardHat Policy.Sandbox = sandboxOption ?? throw new ArgumentNullException(nameof(sandboxOption)); return this; } + public ContentSecurityPolicyBuilder WithUpgradeInsecureResponse(bool enable = true) + { + Policy.UpgradeInsecureResponse = enable; + return this; + } public ContentSecurityPolicy BuildPolicy() => Policy; }
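Review bot: `UpgradeInsecureResponse` is added without the `///` summary that the neighbouring `OnlySendReport` appears to carry, and its name does not match the directive it emits, `upgrade-insecure-requests` (the constant added in Constants.cs is `UpgradeInsecureRequests`). Since this is a new public member, renaming it to `UpgradeInsecureRequests` now, together with `WithUpgradeInsecureResponse` in the ContentSecurityPolicyBuilder.cs hunk, is cheaper than doing so after a release. A summary along the lines of `/// Emits the upgrade-insecure-requests directive so the browser rewrites the page's http:// subresource requests to https.` would help. It should also say that the directive does not replace HSTS for the initial navigation.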