Skip to content

Commit

Permalink
Add note about how to enable strict content security policy
Browse files Browse the repository at this point in the history
  • Loading branch information
martialblog committed Jun 14, 2024
1 parent fc4b5e3 commit 3edd529
Showing 1 changed file with 10 additions and 0 deletions.
10 changes: 10 additions & 0 deletions doc/20-Advanced-Topics.md
Original file line number Diff line number Diff line change
Expand Up @@ -130,6 +130,16 @@ Therefore, you have to manually enable this policy explicitly and accept the ris
the Icinga Web modules. Icinga Web and all it's components listed below, on the other hand, fully support strict CSP. If
that's not the case, please submit an issue on GitHub in the respective repositories.

To enable the strict content security policy navigate to **Configuration > Application** and toggle "Enable strict content security policy",
or set the `use_strict_csp` in the `config.ini`.

```
vim /etc/icingaweb2/config.ini
[security]
use_strict_csp = "1"
```

Here is a list of all Icinga Web components that are capable of strict CSP.

| Name | CSP supported since |
Expand Down

0 comments on commit 3edd529

Please sign in to comment.