Keyword

Header Content-Security-Policy

  • roland
  • roland's Avatar Topic Author
  • Offline
  • New Member
More
5 days 1 hour ago #171516 by roland
roland created the topic: Header Content-Security-Policy
Hi,

My company cybersecutity team requests that the Header Content-Security-Policy be set for the web site. Even if I set this header in a quite permissive way, allvideos stops showing the mp4 video. Instead it shows a blank white screen area on the browser. The setting is:

Header set Content-Security-Policy "default-src 'self' 'unsafe-inline'"

I need this to work, what is your suggestion.

br
Roland

Please Log in or Create an account to join the conversation.

  • Fotis
  • Fotis's Avatar
  • Online
  • Administrator
  • JoomlaWorks Support Team
More
4 days 21 hours ago #171528 by Fotis
Fotis replied the topic: Header Content-Security-Policy
Is the MP4 file located on a remote server perhaps?

I also recommend you check your available options for that header in this blog post by fellow Jooml-ers itoctopus: www.itoctopus.com/how-content-security-policy-can-help-protect-your-joomla-website


If you use & love K2, please take a moment to add your review and rate it
at the Joomla Extensions Directory: extensions.joomla.org/extension/k2/


IMPORTANT: Please search the forum before posting a question!

JoomlaWorks Support Team Member

Please Log in or Create an account to join the conversation.