I need Help i Font Know how to make the CSP Content Security Policy working.
I did some with the Transform Rules but Google Insights says it is Not strong enough
That s Missing
I have try with worker but after this my Site didnt Show good anymore.
Please can you Help me
A step step Guide would bei cool
Thank you to everyone
If you don’t have local scripts running use
If you do have local scripts running use
script-src 'self' if they are in separate files. If they are inline scripts, use a
console.log("Using a nonce")
'nonce-1fe61dae67c6' to the
script-src in the CSP header.
If you are wanting to allow scripts from other sites you can add the site as
And you can combine this together
script-src 'self' 'nonce-1fe61dae67c6' example.com;
Similar principles apply for other policy directives.
Check out MDN for (a lot) more information
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.