httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Albert <...@netrition.com>
Subject Re: [users@httpd] Content-Security-Policy for a WordPress website.
Date Thu, 17 Sep 2020 20:17:54 GMT
On 9/17/2020 3:27 PM, Jason Long wrote:
> Hello,
> When I added "Header set Content-Security-Policy "default-src 'self';"" to "httpd.conf"
then my website style and some graphical features are disable.
> Why?
>
> Thank you.
>
>

Use your browser's developer tools (usually F12) to view your console 
errors and warnings. The console will tell you what content your CSP 
might be blocking.
Until you have your CSP set properly you can use a report only CSP 
header to report what's getting blocked without actually blocking it.

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only
https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP

Jim


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message