Content-Security-Policy HTTP response header to your Netlify site.
The easiest way to add headers to your Netlify site is to add the Content-Security-Policy header to your netlify.toml file, under [[headers]] and then under [headers.values]:

    [[headers]]
      for = "/*"
      [headers.values]
        Content-Security-Policy = "default-src 'self';"

In the above example we are simply setting a policy: default-src 'self';

Chances are you will need something more involved than that.

If you're not sure what default-src 'self'; means, then check out the Content Security Policy reference for details.

Instead of using netlify.toml, you can place a file named _headers in the publish directory of your site. The syntax for that file might look like this:

    /*
      Content-Security-Policy: default-src 'self';
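
Once the policy grows beyond default-src 'self'; it helps to check the _headers file before you deploy. The following Python is an added example, not part of the original page or of Netlify's tooling: it parses the _headers syntax shown above and reports path rules whose policy lacks default-src or allows a risky source. The sample file content, the /legacy/* path and the list of flagged sources are constructed assumptions.

```python
# Constructed sample _headers content (not from a real site).
SAMPLE_HEADERS = """\
/*
  Content-Security-Policy: default-src 'self';
/legacy/*
  Content-Security-Policy: script-src 'self' 'unsafe-inline'
"""
# Source expressions this example chooses to flag (an assumption, not a Netlify rule).
RISKY_SOURCES = ("'unsafe-inline'", "'unsafe-eval'", "*")

def parse_headers_file(text):
    """Return {path: {lowercased header name: [values]}} from _headers syntax."""
    rules, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if not raw[0].isspace():  # an unindented line starts a new path rule
            current = rules.setdefault(line, {})
        elif current is not None and ":" in line:
            name, value = line.split(":", 1)
            current.setdefault(name.strip().lower(), []).append(value.strip())
    return rules

def parse_csp(policy):
    """Split a policy into {directive: [sources]}; a repeated directive is ignored."""
    directives = {}
    for part in policy.split(";"):
        tokens = part.split()
        if tokens:
            directives.setdefault(tokens[0].lower(), tokens[1:])
    return directives

def audit(text):
    """Return (path, finding) tuples for the CSP values in a _headers file."""
    rules, findings = parse_headers_file(text), []
    if "content-security-policy" not in rules.get("/*", {}):
        findings.append(("/*", "no Content-Security-Policy on the catch-all rule"))
    for path, headers in rules.items():
        for policy in headers.get("content-security-policy", []):
            directives = parse_csp(policy)
            if "default-src" not in directives:
                findings.append((path, "missing default-src"))
            for name, sources in directives.items():
                findings += [(path, f"{name} allows {s}") for s in sources if s in RISKY_SOURCES]
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE_HEADERS), sep="\n")
```

To check a real site, pass the text of the _headers file in your publish directory to audit() and fail the build when it returns any findings.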