CSP

CSP

by Martin Greenaway -
Number of replies: 2

Is it possible to use a Content Security Policy with Moodle?


Ref: https://developer.mozilla.org/en-US/docs/Web/Security/CSP

Average of ratings: -
In reply to Martin Greenaway

Er: CSP

by Iñigo Zendegi Urzelai -
Picture of Core developers Picture of Particularly helpful Moodlers Picture of Plugin developers

Hi,

I've done some tests with CSP and I've seen that you can add Content Security Policies to your Moodle just adding the headers to your config.php file.

This is an example for a Content-Security-Policy-Report-Only:

header("Content-Security-Policy-Report-Only: default-src https: 'unsafe-inline'; report-uri https://your.reportsite.com/");

Greetings.

Average of ratings: Useful (2)