Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
lhag87
Explorer

HTTP Content-Security-Policy

Hello,
Has anyone been able to configure the "snappymail webmail
behind the Mobile Blade user portal?

I'm using R81.0 and the web application is configured with HT.

It seems that this web application sends a Content-Security-Policy
header with a nonce in "script-src" that blocks javascript injected by the MobileBlade portal.
( https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy )

Is it possible to tweak the injected javascript to add the nonce to the Content-Security-Policy header?

Best Regards,

0 Kudos
1 Reply
Pito
Participant

I am experiencing a similar issue with Content Security Policy (CSP) restrictions causing blockages. It seems that the security measures in place are impacting the accessibility of certain content.

I believe that addressing this concern is crucial for a smoother user experience. maintain the necessary security while ensuring that legitimate content is not unduly restricted.

Has anyone found a resolution to this problem or have suggestions on how we can navigate around CSP limitations without compromising security?

Looking forward to hearing your insights and experiences.

Best regards,

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events