Question

Enable Content-Security-Policy on a web app

0

Hello, we need to add http header in our application. we have on-prim installation - shell i just add this header on login.aspx and index.aspx will do ? or does it require any other changes? Content-Security-Policy: default-src 'self'

asked 2022-09-30

Anuj Kamthan

3 answers

Tim v Steenbergen · Answer 1 · 2022-10-12

Better check if you can do this in sprintr in the Network-settings of your environment:

Read the docs for very helpfull instructions: https://docs.mendix.com/developerportal/deploy/environments-details/#http-headers

Jan Schneider · Answer 2 · 2022-09-30

Hello Anuj,

I'm not sure what created the aspx files, but whatever you need to do with HTML, can be done with an HTML/Javascript snippet. This you can download from the marketplace.

If you created your own custom login page, you can add this directly into your login page (which can be found in ProjectFolder/theme/web/login.html).

Hope this helps for you. Good luck with it,

Jan

Dinesh Kumar · Answer 3 · 2022-10-12

HI Anuj,

You can have a look at this documentation in mendix : https://docs.mendix.com/developerportal/deploy/security-checklist-for-your-on-premises-installation/