Content Security Policy
Content Security Policy (CSP) is a crucial security feature for your web app. It consists of safety rules that are implemented when embedding your app into other websites. These rules define which sites are allowed to integrate your app's content.
Implementing CSP is essential for protecting your web app and its users from various threats. It helps prevent attacks like cross-site scripting (XSS) and content injections, which can lead to data theft, site defacement, and malware distribution. By using CSP, you can control which domains are authorized to load your app's resources and scripts, ensuring that they are only executed from trusted sources.
To implement CSP and add authorized sources for your web app, follow these steps:
- Go to the dashboard of your app
- Go to Settings > Web > Content Security Policy
- Within the CSP settings, you will find a field or area to specify authorized sources or domains.
- Add the domains or sources from where you want to allow your web app to be embedded. This ensures that your app's content is only displayed on authorized sites or frames.
- Save or apply the changes to activate the Content Security Policy.
By adding authorized sources, you are explicitly allowing specific domains or websites to embed your web app's content. This helps maintain control over where your app is used and protects it from unauthorized integration