How do I override the default values of the Content Security Policy (CSP)?
Overriding the default values of the Content Security Policy (CSP) is useful when scripts or other content should only be loaded and/or executed from specific sources.
To configure this, go to configuration mode and then navigate to System > Security Settings. At the bottom, you will find the option Content Security Policy (CSP) – Override.
Here, the default values of the CSP can be overridden. Keep the following in mind:
- 'self' can be used to refer to the environment itself. This allows the environment, for example, to load its own scripts.
- An asterisk (*) can be used to allow all subdomains, for example by using https://*.i-reserve.net.
- Example of a line (excluding font-src and img-src): 'self' https://www.i-reserve.net https://www.teqa.eu
- For the font-src and img-src options, the data: scheme is added for domains other than the environment itself. Example of a line: 'self' data: https://www.i-reserve.net https://www.teqa.eu
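
How a browser evaluates lines like the ones above can be sketched in JavaScript. This is an added example, not i-Reserve code: matching is simplified to the token kinds used on this page, and the origin https://env.example, the subdomain cdn.i-reserve.net and the file paths are constructed. It goes slightly beyond the text by showing that a wildcard entry covers subdomains but not the bare domain.

```javascript
// Added example: simplified CSP source matching. Handles only 'self',
// scheme-sources (data:) and scheme://host sources with an optional leading "*.".
// Paths, explicit ports in a source, nonces, hashes and a bare * are not handled.
const schemeOk = (want, proto) =>
  proto === want + ":" || (want === "http" && proto === "https:"); // http also covers https

function sourceAllows(source, target, selfOrigin) {
  if (source === "'self'") return target.origin === selfOrigin;
  const schemeOnly = /^([a-z][a-z0-9+.-]*):$/i.exec(source);
  if (schemeOnly) return schemeOk(schemeOnly[1].toLowerCase(), target.protocol);
  const m = /^([a-z][a-z0-9+.-]*):\/\/(\*\.)?([a-z0-9.-]+)$/i.exec(source);
  if (!m) return false; // malformed token, e.g. self written without quotes
  const [, scheme, wildcard, host] = m;
  if (!schemeOk(scheme.toLowerCase(), target.protocol)) return false;
  if (target.port) return false; // source has no port, so only the default port matches
  const have = target.hostname.toLowerCase();
  const want = host.toLowerCase();
  // "*.i-reserve.net" covers subdomains only, not i-reserve.net itself
  return wildcard ? have.endsWith("." + want) : have === want;
}

// True if any source in the override line allows the URL.
function lineAllows(line, url, selfOrigin) {
  const target = new URL(url);
  return line.trim().split(/\s+/).some((s) => sourceAllows(s, target, selfOrigin));
}

// Constructed sample values
const SELF = "https://env.example"; // hypothetical origin of the environment
const SCRIPT_LINE = "'self' https://*.i-reserve.net https://www.teqa.eu";
const IMG_LINE = "'self' data: https://www.i-reserve.net https://www.teqa.eu";
const PIXEL = "data:image/gif;base64,R0lGODlhAQABAAAAACw=";

console.log("subdomain script:", lineAllows(SCRIPT_LINE, "https://cdn.i-reserve.net/a.js", SELF));
console.log("bare domain script:", lineAllows(SCRIPT_LINE, "https://i-reserve.net/a.js", SELF));
console.log("data: image under img line:", lineAllows(IMG_LINE, PIXEL, SELF));
console.log("data: URL under script line:", lineAllows(SCRIPT_LINE, PIXEL, SELF));
```
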