On this page can set the __Content Security Policy (CSP)__ and various other security HTTP headers.\\
External link\\ 
[https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP|https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP]
\\ 
[{Image src='webinterfacecsp.jpg' width='..' height='..' align='left' style='..' class='..' }]\\
\\
The CSP header comes with default policy 
{{{
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
}}}
\\\
not visible in the GUI. The __Domains Allowed__ field extend the policy with external source domain directives.\\
\\
The __Other Headers__ section comes prefilled with:\\
\\
*__STS__ [External link|https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security]
*__Referrer-Policy__
*__X-Content-Type__
*__XSS policy headers__
\\
Can add up to 20 additional headers in this section, this may be extended in future releases.\\