Does Content Security Policy affect Cloudflare?

Using Pages for site and Workers for security headers. Wondering if specifying the script-src part of the header to self affects Cloudflare at all or my site’s proxy?

Nope, that’s not built into the workers system at all nor CF proxies. CSP only informs browsers what scripts to run, and even then it’s up to the browser to respect those (as in, many browsers don’t look at it Content Security Policy Level 2 | Can I use... Support tables for HTML5, CSS3, etc).

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.