Topics

All topics

Disable the Content-Security-Policy header

RECOMENDATION: We do not recommend disabling the Content-Security-Header. This can make your site vulnerable to various attacks, such as Cross-Site Scripting (XSS). We recommend configuring the header instead.
For more information, see Configure Content-Security-Policy header.

To disable sending the header, perform the following:

Open the Program.cs file of Sitefinity ASP.NET Core Renderer.
Modify the services section in the following way:
Save and close the Program.cs file.
Build and deploy the renderer application.

Want to learn more?

Enhance your Sitefinity skills by enrolling in free training sessions. Become Sitefinity certified through Progress Education Community to strengthen your professional credentials.

Get started with Integration Hub | Sitefinity Cloud

This free lesson teaches administrators, marketers, and other business professionals how to use the Integration hub service to create automated workflows between Sitefinity and other business systems.

Web Security for Sitefinity Administrators

This free lesson teaches administrators the basics about protecting your Sitefinity instance and its sites from external threats. Configure HTTPS, SSL, allow lists for trusted sites, and cookie security, among others.

Foundations of Sitefinity ASP.NET Core Development

The free on-demand video course teaches developers how to use Sitefinity ASP.NET Core and take advantage of its decoupled architecture and modern development model.

Was this article helpful?

Yes No

CSP header syntax reference

Topics

Disable the Content-Security-Policy header

NEW TO SITEFINITY?

Want to learn more?

Tags

Was this article helpful?

Would you like to submit additional feedback?

Next article