Add own CSP headers

nodomain · May 17, 2023, 6:54am

I am using the standard Docker based install. In our template we need to include Adobe Tag Manager which is loaded from assets.adobedtm.com. The default CSP headers prevent loading of the script.

How can I add or extend the default CSP headers in a “supported” non-hacky way?

Jagster · May 17, 2023, 8:02am

Is

not using CSP by Discourse
using CSP via reverse proxy or similar

hacky way?

nodomain · May 17, 2023, 8:06am

I just need to know how I can add it e.g. during build of the container to be able to automate it…

Lhc_fl · May 17, 2023, 8:33am

Do you mean “content security policy script src” in site settings?

nodomain · May 17, 2023, 9:00am

Yes!

And how can I amend e.g. connect-src or other attributes of the policy?

system · June 16, 2023, 9:09am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Automatically adding theme scripts to CSP Dev	4	1186	July 17, 2024
Nginx as reverse proxy and Content Security Policy issue Installation nginx	8	338	August 21, 2024
"Refused to load the script" when adding adsense Support	3	1403	March 10, 2019
Custom JS script in theme component not loading Support	2	594	December 10, 2020
Can I add a snippet to the header? Support	5	787	February 7, 2023

Add own CSP headers

Related topics