Content Content Security Policy (CSP)
Implement a Content Security Policy (CSP) to protect your Umbraco site from XSS and data injection.
Last updated
Implement a Content Security Policy (CSP) to protect your Umbraco site from XSS and data injection.
Last updated
This check verifies if your site has a Content Security Policy (CSP) header to defend against Cross-Site Scripting (XSS) and data injection attacks.
This health check can be fixed by adding a header before the response is started.
Preferable you use a security library like .
If you take a NuGet dependency on , you can use third extension methods on IApplicationBuilder
.
Avoid third-party library dependencies by using custom middleware added to the request pipeline as shown below.