Hello @besite
Thank you for reaching out and I am happy to help!
Can you please share if you added the value in the Content Security Policy Report Only section or Content Security Policy?
What are the values you added and if you check the source is the script-src-elem added?
Thanks!
Thread Starter
besite
(@besite)
Hi, thank you for your quick reply.
Whenever I put the value “my-testing-value” inside script-src-elem and check master.php I see the following:
"browsercache.security.csp.scriptelem": "my-testing-value",
Which sounds about right, except when I open .htaccess I don’t see the Header set Content-Security-Policy
Whenever I put the value my-testing-value-2 inside the field: style-src-attr:
I get this results which is want I want:
Header set Content-Security-Policy "script-src-elem my-testing-value-2"
So what I see is the script-src-elem is not generator correcly to the htaccess and the style-src-attr is used for the value of script-src-elem.
I hope I made myself clear. If you need more info let me know.
Thank you
Hello @besite
Thank you for the clarification.
Let me make some tests and try to replicate this and I’ll get back to you once I have more info
Thanks!
Hello @besite
We do have a ticket for this in our GitHub Repository
Please make sure to check the progress and add any additiona information there
Thanks!
