LogoDOCUMENTATION

SELECT PRODUCT DOCUMENTATION

Sitefinity CMSSitefinity InsightSitefinity CloudKnowledge Base
Setup and maintenance
Set up the ASP.NET Core renderer
Set up Next.js renderer
User registration
Multisite
SiteSync
Site search
Languages and Translations
Notifications
Load balancing
Workflows
Page settings
Content related settings
Libraries settings
SEO settings
Other settings
Connect Sitefinity CMS to other systems
Optimize performance
Monitoring and Logging
HomeSet up Next.js rendererContent Security Policy (CSP) HTTP response headerConfigure Content-Security-Policy header

Configure Content-Security-Policy header

Overview

You can configure the Content-Security-Police HTTP header through the API in the next.config.js file of the Next.js renderer.

Configure CSP header

Perform the following:

  1. Open the next.config.js file of Sitefinity Next.js renderer.

  2. Extend the cspHeader with the required directives and sources
    EXAMPLE: To add a particular website as a secure source, modify the section in the following way:

    const cspHeader =     default-src https://*.example.com 'self';

  3. Save and close the next.config.js file.

  4. Build and deploy the renderer application.

Want to learn more?
Enhance your Sitefinity skills by enrolling in free training sessions. Become Sitefinity certified through Progress Education Community to strengthen your professional credentials.
course-book
Get started with Integration Hub | Sitefinity Cloud
This free lesson teaches administrators, marketers, and other business professionals how to use Sitefinity Integration Hub to create automated workflows between Sitefinity and other business systems.
course-book
Web Security for Sitefinity Administrators
This free lesson teaches administrators the basics about protecting your Sitefinity instance and your sites from external threats. Configure HTTPS, SSL, allow lists for trusted sites, and cookie security, among others.
course-book
Foundations of Sitefinity ASP.NET Core Development
The free on-demand video course teaches developers how to use Sitefinity ASP.NET Core and take advantage of its decoupled architecture and modern development model.
This Article Contains
OverviewConfigure CSP header
New to Sitefinity?
Get a demoPlatform overview
Documentation
About Sitefinity
Resources
Learn
New to Sitefinity
+1-888-365-2779