CSP results in blank Firewall screen

  • Resolved bacg

    (@bacg)


    2 years, 4 months ago

    If I set my CSP via Apache to this:
    Header set Content-Security-Policy “default-src ‘self’; script-src https://*”

    In the WordPress/Wordfence dashboard, the WF firewall page is blank?
    All other pages seem to display ok.

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @bacg, thanks for getting in touch.

    When implementing CSP on a site, multiple plugins could be affected as the majority of our customers will have other plugins using inline scripts.

    WordPress added some functions to dynamically add nonces for CSP and we are currently looking into adding them for a future version of Wordfence. We need to be careful that we don’t introduce conflicts with plugins or custom code that tries to address this. Your issue has been logged with the QA team in case I can add any further information here regarding your specific policy.

    Thanks,

    Peter.

Viewing 1 replies (of 1 total)
  • The topic ‘CSP results in blank Firewall screen’ is closed to new replies.