Add own CSP headers

nodomain · May 17, 2023, 6:54am

I am using the standard Docker based install. In our template we need to include Adobe Tag Manager which is loaded from assets.adobedtm.com. The default CSP headers prevent loading of the script.

How can I add or extend the default CSP headers in a “supported” non-hacky way?

Jagster · May 17, 2023, 8:02am

Is

not using CSP by Discourse
using CSP via reverse proxy or similar

hacky way?

nodomain · May 17, 2023, 8:06am

I just need to know how I can add it e.g. during build of the container to be able to automate it…

Lhc_fl · May 17, 2023, 8:33am

Do you mean “content security policy script src” in site settings?

nodomain · May 17, 2023, 9:00am

Yes!

And how can I amend e.g. connect-src or other attributes of the policy?

system · June 16, 2023, 9:09am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Automatically adding theme scripts to CSP dev	3	1105	October 23, 2020
"Refused to load the script" when adding adsense support	3	1305	March 10, 2019
Custom JS script in theme component not loading support	2	530	December 10, 2020
Can I add a snippet to the header? support	5	665	February 7, 2023
How to Add Google Auto Ads Code in </head> support	13	2520	August 10, 2023

Add own CSP headers

Related Topics