jaxon-core icon indicating copy to clipboard operation
jaxon-core copied to clipboard

Published 20 hours ago verified publisher icon jaxon-php

CSP if SSL is in use...

Open tom-lp-at opened this issue 2 years ago • 0 comments

Dear Feuzeu, i have a strange problem and can not figure out where it comes from. I write my application in CI 4.2.7 and developed the hole time without SSL (local http only). After i deployed the application in his first state, i recognized that "Content-Security-Header" are send. But in CI and on NGinx is no injection of CSP Headers enabled. If i do, the CSP-Header are twice... The strange thing : grafik In this CSP is jaxon-php in the list, so i assume that the SPF is injected by jaxon-php. I search around in the source of jaxon-php but can´t find any "mystery" thing´s that happens... Do you have a clue where the CSP is come from?

kr Tom

tom-lp-at avatar Nov 07 '22 11:11 tom-lp-at