Content Security Policy

  • Hello,

    I’m trying to make our website more secure and therefor I have configured some HTTP Header options. So far so good. But setting a basic Content Security Policy header immediate breaks the Nirvana theme. Most of the layout is being removed, only the bare content is still visible.

    Can I do something about this myself or is it because the theme depends on external scripts or styles? I’m not sure.

    I used the following line in .htaccess:
    Header set Content-Security-Policy “default-src ‘self'”

    Would be nice if somebody could point me in the right direction.

    Best regards,
    Peter.

  • The topic ‘Content Security Policy’ is closed to new replies.