Description |
This article describes how to add a Content Security Policy (CSP) header to prevent XSS and data injection attacks and explains the effects. |
Scope | FortiWeb Cloud, FortiWeb VM. |
Solution |
If there is an existing CSP header on the website or application and this policy on FortiWeb cloud under HTTP header security is enabled, FortiWeb Cloud will replace the CSP header.
Simple Apache website before FortiWeb cloud:
FortiWeb Cloud CSP header policy:
After FortiWeb cloud:
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.