Facebook
Twitter- Server operating system version
- Ubuntu 20.04.5 LTS
- Plesk version and microupdate number
- Plesk Obsidian v18.0.49
Hi,
I'm currently trying to add Content Security Policy (CSP) headers to my website. The problem: Wherever I include those settings they're added to ALL files, even images. But I only want to add them on files with the content type "text/html".
I'm using Plesk in the nginx only mode.
It doesn't really make sense to put, e.g. "content-security-policy: frame-ancestors 'self'", on an image.
There's no difference if I put it in the "Additional headers" section or "Additional nginx directives". The result is the same.
Any help would be highly appreciated!
Best,
Benjamin
I'm currently trying to add Content Security Policy (CSP) headers to my website. The problem: Wherever I include those settings they're added to ALL files, even images. But I only want to add them on files with the content type "text/html".
I'm using Plesk in the nginx only mode.
It doesn't really make sense to put, e.g. "content-security-policy: frame-ancestors 'self'", on an image.
There's no difference if I put it in the "Additional headers" section or "Additional nginx directives". The result is the same.
Any help would be highly appreciated!
Best,
Benjamin
