How to solve Content-Security-Policy and Permissions-Policy?
2 Attachment(s)
Hello,
I have a WordPress website and checked it with https://securityheaders.com/ website and it show me an error about “Content Security Policy (CSP)” and "Permissions-Policy" headers. I changed my Apache configuration and added below line to it: Code:
Header set Content-Security-Policy-Report-Only "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';" How can I solve it? Thank you. |
Hello,
Any idea about it? To solve "Permissions-Policy", I added below line to "httpd.conf" and it solved: Code:
Header always set Permissions-Policy "geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();" |
I added below line to "httpd.conf" to solve "Content-Security-Policy", but my website messed up:
Code:
Header always set Content-Security-Policy "default-src 'self'; font-src *;img-src * data:; script-src *; style-src *;" |
1 Attachment(s)
Thank you.
When I added above line then the Chromium Developer Tools show: Attachment 35732 This is my problem and I don't know how to solve it! |
All times are GMT -5. The time now is 09:43 AM. |