Topics

All topics

Configure Content-Security-Policy header

Overview

You can configure the Content-Security-Police HTTP header through the API in the next.config.js file of the Next.js renderer.

Configure CSP header

Perform the following:

Open the next.config.js file of Sitefinity Next.js renderer.
Extend the cspHeader with the required directives and sources
EXAMPLE: To add a particular website as a secure source, modify the section in the following way:

const cspHeader = ` default-src https://*.example.com 'self'`;
Save and close the next.config.js file.
Build and deploy the renderer application.

Increase your Sitefinity skills by signing up for our free trainings. Get Sitefinity-certified at Progress Education Community to boost your credentials.

Get started with Integration Hub | Sitefinity Cloud | Sitefinity SaaS

This free lesson teaches administrators, marketers, and other business professionals how to use the Integration hub service to create automated workflows between Sitefinity and other business systems.

Web Security for Sitefinity Administrators

This free lesson teaches administrators the basics about protecting yor Sitefinity instance and its sites from external threats. Configure HTTPS, SSL, allow lists for trusted sites, and cookie security, among others.

Foundations of Sitefinity ASP.NET Core Development

The free on-demand video course teaches developers how to use Sitefinity .NET Core and leverage its decoupled architecture and new way of coding against the platform.

Was this article helpful?

Yes No

Would you like to submit additional feedback?

Your feedback about this content is important

How helpful is this article?

Very helpful Somewhat helpful Not helpful

How can we improve this article?(Optional)

Fix typos or links

Fix incorrect information

Add or update code samples

Add or update illustrations

Add information about...

Send feedback Cancel