CodeIgniter Forums
need help with CSP config - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: CodeIgniter 4 (https://forum.codeigniter.com/forum-28.html)
+--- Forum: CodeIgniter 4 Support (https://forum.codeigniter.com/forum-30.html)
+--- Thread: need help with CSP config (/thread-71383.html)



need help with CSP config - anthos1984 - 08-08-2018

I activate csp setting to 'true' at Config\App.
But web browser console show error something like : 'csp setting blocked content at 'self''
I don't know how to set Config\CSPsetting properly so my page not show error, but enforce good security practice.

Need help with that. The setting only have default, no choice on documentation line


RE: need help with CSP config - donpwinston - 08-08-2018

In Config/ContentSecurityPolicy.php you need to set the attributes to whatever you're doing.

See:
http://www.html5rocks.com/en/tutorials/security/content-security-policy/
http://www.w3.org/TR/CSP/


RE: need help with CSP config - anthos1984 - 08-08-2018

Great!!, thanks...
Now I can properly set CSP setting.