CleanPortfolio not working correctly with CSP enabled

  • Hello,

    When I have CSP enabled with the following options, the page is not showing completely. I can’t see some media and also the theme editor doesn’t work.

    Header set Content-Security-Policy “default-src ‘self’; http: https: data:; upgrade-insecure-requests; frame-ancestors ‘self’;”

    When I change the CSP option and make it less secure (which is not what I want) then it works.

    Header set Content-Security-Policy “script-src ‘self’ ‘unsafe-inline’ ‘unsafe-eval’ http: https: data:; upgrade-insecure-requests; frame-ancestors ‘self’;”

    The page I need help with: [log in to see the link]

  • The topic ‘CleanPortfolio not working correctly with CSP enabled’ is closed to new replies.