After upgrading to 1.12.2, the Content-Security-Policy no longer works

Any news on a fix for this issue? It’s been 5 business days with no reply, so I am following up.

You mentioned in this thread that there is some sort of transformation that I should try, but you didn’t provide any details on how to accomplish that.

• This reply was modified 5 years, 7 months ago by Gord. Reason: Updated link to point to specific comment

Same problem here, we cannot add new policies.

There just one input field below the policies. The existing policies are not shown, so we did not click on save to prevent the existing policies to be overwritten.

We downgraded the plugin to version 1.12.1, the existing policies are shown again and we can add the new policies.

As a update, I was able to get it working.

The author changed the data format between 1.12.1 and 1.12.2. If you load the settings from a previous version, the only thing that gets loaded is 1 character from the textbox, maybe. None of the checkboxes are enabled and the strings are all truncated.

To fix it,

1. make a backup (just in case)
2. delete everything (including the textboxes)
3. enter everything from scratch.
4. use “inspect headers” (or securityheaders.com) to verify the correct header output
5. test everything

I did this and it started working right away.

IMHO, this is way too big of a change to slip into a bug-fix release. Bug fixes should not, except in extreme circumstances, break backward compatibility. Also see the author’s comments here
that he has intention to correct it.

I hope you are able to able to regenerate your policy in the new version and get it working again because you don’t want to get stuck not being to get future updates.