Content Security Policy (CSP)

CSP PHP Example

Here's how to add a Content-Security-Policy HTTP response header in PHP.

Example CSP Header with PHP

By using the PHP header() function we can

	header("Content-Security-Policy: default-src 'self'");

What goes inside a CSP policy?

If you're not sure what default-src 'self'; means, then check out the Content Security Policy reference for details.

Another Option for PHP

Another option is to use a web server mechanism to add a HTTP response header, such as a htaccess file.