Need to configure http headers

0
I need to configure the following header tag in Mendix cloud Content-Security-Policy: default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'self';form-action 'self';   But when I configure it the acceptance environment url redirects to a blank page   Is there any specific format to be followed or is there any other way I can configure this header without affecting the working of the application Thanks
asked
2 answers
0

Hi Shri,

 

Have you checked this page: https://docs.mendix.com/howto/security/using-mobile-capabilities/csp/

There is some information about using a strict CSP

answered
0

Here is a detailed explanation of how you can configure CSP in Mendix

Content Security Policy | Mendix Documentation

 

And here you have detailed information what the CSP is and how to use it

Content Security Policy Level 2 (w3.org)

 

answered