Menu
I have single page app in which i only load index and every other request is ajax request.
Do i need to use CSP headers in those ajax responses or CSP is already enforced for everything after loading index ? So basically the only place i need to set content security policy headers is index?
338
So basically the only place i need to set content security policy headers is index?
Correct. CSP is applied to the document and is not affected by AJAX requests.
63
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
