Divi WordPress Theme
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WordPress fix Reply To: Content Security Policy in WordPress?

Discussion in 'Misc WordPress Requests' started by Jan Dembowski, Apr 8, 2018.

  1. Jan Dembowski


    Reply To: Content Security Policy in WordPress?, by Jan Dembowski

    after I spent few days to setting up Content Security Policy I ended up with question: Is it worth it?

    It could be worth it, but it sure is a pain in the euphemism to setup.

    *Drinks coffee*

    See https://scotthelme.co.uk/content-security-policy-an-introduction/ for more details.

    If you have a too permissive CSP then that sort of defeats the purpose. Many people have a FB icon/like button, a Twitter feed in a side bar, a Youtube video etc. on their site. Without a CSP header the browser says “OK” and loads those referenced assets and scripts. It just works.

    When you add CSP and you miss something then parts of your site stop working in your visitor’s browser. Not good. If you can get all of the references correct and your browser (try with Chrome and Firefox) does not complain about blocked by policy assets then you got it right.

    Reply To: Content Security Policy in WordPress?

Share This Page

Monarch Social Sharing Plugin