Help
FortiWeb
A FortiWeb can be configured to join a Security Fabric through the root or downstream FortiGate.
Srija_RedA
Staff
Staff

Created on ‎04-15-2024 07:30 AM

Article Id 309812

Technical Tip: FortiWeb Cloud Content Security Policy configuration

Description

This article describes how to add a Content Security Policy (CSP) header to prevent XSS and data injection attacks and explains the effects.
Scope FortiWeb Cloud, FortiWeb VM.
Solution

If there is an existing CSP header on the website or application and this policy on FortiWeb cloud under HTTP header security is enabled, FortiWeb Cloud will replace the CSP header.

 

Simple Apache website before FortiWeb cloud:

 

fweb1.png

 

FortiWeb Cloud CSP header policy:

 

fweb3.png 

 After FortiWeb cloud:

 

fweb2.png
Preview file
103 KB
Preview file
120 KB
Preview file
269 KB
91
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.