Title: plugin reformats CSP Last modified: December 27, 2018 --- # plugin reformats CSP * Resolved [bz61vl0p](https://wordpress.org/support/users/bz61vl0p/) * (@bz61vl0p) * [7 years, 5 months ago](https://wordpress.org/support/topic/plugin-reformats-csp/) * Hi, first of all I must thank you for your patience and support. * 1. Iam using the frontend CSP option and at the moment I am inserting hashes to avoid unsafe-inline – in Chrome I have noticed that chrome shows no great problems directly after entering and saving the CSP. Chrome only accepts hashes with an empty space inbetween and this is where your plugin causes the problem– after leaving WordPress the plugin seems to reformat the CSP and while doing this also deletes the empty spaces. Result: now Chrome refuses the hashes as invalid. Is there a way to avoid this – if not can I seperatly add a CSP for the frontend ina .htacces for example (please have patience – just a pointer) * 2. I can also configure the dasboard (backend?) CSP. Could I theoretically delete unsafe-inline and unsafe-eval, if WordPress (core), used theme and plugins do use inline-scripts/styles and eval()? * If yes – does your plugin need inline-scripts/styles or eval()? Viewing 3 replies - 1 through 3 (of 3 total) * Thread Starter [bz61vl0p](https://wordpress.org/support/users/bz61vl0p/) * (@bz61vl0p) * [7 years, 5 months ago](https://wordpress.org/support/topic/plugin-reformats-csp/#post-11029344) * Hi correction : I wrote * > do use inline-scripts/styles and eval()? * Of course I meant do **not** use inline-scripts/styles and eval(). * And of course Best Regards and thanks * Plugin Author [nintechnet](https://wordpress.org/support/users/nintechnet/) * (@nintechnet) * [7 years, 5 months ago](https://wordpress.org/support/topic/plugin-reformats-csp/#post-11030125) * Hi, * Could you show me an example of input that you enter in the CSP field, and also what it looks like after being modified? The firewall will only remove the following characters from the CSP field: ‘<‘, ‘>’, “\x0a”, “\x0d”, ‘%’, ‘$’ and ‘&’. * Regarding the backend, NinjaFirewall requires inline-scripts/styles so I don’t recommend to use hashes for that part. * Thread Starter [bz61vl0p](https://wordpress.org/support/users/bz61vl0p/) * (@bz61vl0p) * [7 years, 5 months ago](https://wordpress.org/support/topic/plugin-reformats-csp/#post-11030228) * Hi, today I regret you’re so fast – it seemms the formatting was my fault, at least I cannot reproduce it today. My excuses. Viewing 3 replies - 1 through 3 (of 3 total) The topic ‘plugin reformats CSP’ is closed to new replies. * ![](https://ps.w.org/ninjafirewall/assets/icon-256x256.png?rev=976137) * [NinjaFirewall (WP Edition) - Advanced Security Plugin and Firewall](https://wordpress.org/plugins/ninjafirewall/) * [Frequently Asked Questions](https://wordpress.org/plugins/ninjafirewall/#faq) * [Support Threads](https://wordpress.org/support/plugin/ninjafirewall/) * [Active Topics](https://wordpress.org/support/plugin/ninjafirewall/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/ninjafirewall/unresolved/) * [Reviews](https://wordpress.org/support/plugin/ninjafirewall/reviews/) * 3 replies * 2 participants * Last reply from: [bz61vl0p](https://wordpress.org/support/users/bz61vl0p/) * Last activity: [7 years, 5 months ago](https://wordpress.org/support/topic/plugin-reformats-csp/#post-11030228) * Status: resolved