Open Closed

CSP header missing - How to set CSP correctly to mitigate XSS attacks #2394


User avatar
0
Rajasekhar created
  • ABP Framework version: v5.0.0
  • UI type: MVC
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): no
  • Exception message and stack trace:
  • Steps to reproduce the issue:"

We have deployed the ABP application for security testing and we have got CSP header missing Vulnerability

Please let us know how to configure the sever to return Content Security Policy HTTP header.


2 Answer(s)
Made with ❤️ on ABP v9.1.0-preview. Updated on December 13, 2024, 06:09