Hello
I use Cloudflare Pages for my static sites and my domain is connected to cloudflare dns. I want to add Content-Security-Policy, X-Frame-Options, Referrer-Policy, and Permissions-Policy headers, how do I do that?

Hi @mahdidev72,

I don’t believe you can do that natively with Pages, but you can run a Worker that does this, in front of the Pages instance.

Something like Security Headers Cloudflare Worker.

What about the Transform Rules feature?

I believe Transform Rules are mainly for request headers rather than response headers, but it’s not a feature I’m very familiar with.

You’re welcome to try it and let us know if it works, that docs are here:
https://developers.cloudflare.com/rules/transform

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.