On this page can set the Content Security Policy (CSP) and various other security HTTP headers.
External link
https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
 |
The CSP header comes with default policy
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
not visible in the GUI. The Domains Allowed field extend the policy with external source domain directives.
The Other Headers section comes prefilled with:
- STS External link https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
- Referrer-Policy
- X-Content-Type
- XSS policy headers
Can add up to 20 additional headers in this section, this may be extended in future releases.
Add new attachment
Only authorized users are allowed to upload new attachments.
List of attachments
| Kind | Attachment Name | Size | Version | Date Modified | Author | Change note |
|---|---|---|---|---|---|---|
jpg |
webinterfacecsp.jpg | 109.0 kB | 1 | 05-Dec-2023 05:32 | Ada Csaba | |
jpg |
webinterfacecsp_2.jpg | 339.0 kB | 1 | 05-Dec-2023 05:32 | Ada Csaba |
«
This particular version was published on 05-Dec-2023 05:32 by Ada Csaba.
G’day (anonymous guest)
Log in
CrushFTP11 | What's New
- WebInterface
- Server Admin
- User Manager
- Client Apps
- CrushBalance Load Balancer
- High Availability
- Self Registration
- Preferences
- Email Templates
- Restrictions
- Replication
- Banning
- Logging
- Encryption
- Alerts
- Folder Monitor
- Tunnels
- Syncs
- User Config
- Search Config
- Preview
- Misc
- Plugins
- Manage Shares
- PGP
- Telnet
- FAQ
- API
- Linux Install
- Virtual Linux Server
- Server Variables
- Google Authenticator and Microsoft Authenticator
- AS2 EDI
JSPWiki