Content Security Policy OFF even I turn it ON

  • Resolved whateverfree2

    (@whateverfree2)


    4 years, 7 months ago

    Hi
    I setup and turned ON the Content Security Policy. Then I check at securityheaders.com and see the green color, meaning it’s ON

    But after a few minutes, I check again and the result is RED color, meaning it’s OFF

    What does that mean? The plugin issues or the cache issues? Do I still get protected by CSP?

    I tried to add the rule for Nginx but always get the error. Could you please advise?

    My rule:
    add_header Content-Security-Policy "default-src 'self'; script-src img-src style-src font-src *.statically.io;";

    I am using statically.io CDN

    Thanks

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘Content Security Policy OFF even I turn it ON’ is closed to new replies.