Disable the Content-Security-Policy header
RECOMENDATION: We do not recommend disabling the Content-Security-Header. This can make your site vulnerable to various attacks, such as Cross-Site Scripting (XSS). We recommend configuring the header instead.
For more information, see Configure Content-Security-Policy header.
To disable sending the header, perform the following:
- Open the
Program.cs file of Sitefinity ASP.NET Core Renderer.
- Modify the services section in the following way:
- Save and close the
- Build and deploy the renderer application.