Where does cPanel add the Content-Security-Policy (CSP) header?

Jay3570 · Jun 15, 2020

I only see:

This setting enables the Content-Security-Policy (CSP) header on some WHM interfaces.

Which pages or tools in WHM or cPanel implement CSP?

cPanelLauren · Jun 16, 2020

You can enable or disable it at WHM>>Server Configuration>>Tweak Settings

Jay3570 · Jun 16, 2020

I know that. There's where I got the quote from. I'm asking which pages/tools is the CSP header active? I checked a few pages and didn't see it using the curl CLI command or various HTTP header scanners websites.

cPanelKenneth · Jun 16, 2020

At the moment, it looks like the header is only applied to the Locale management UIs, and the Fork Bomb Protection UI.

Thread starter	Similar threads	Forum	Replies	Date
I	Know where the files are in the processes	Security	7	Jul 22, 2020
	Where Does an IP get Blacklisted on cpHulk?	Security	3	Oct 5, 2015
I	Does cpanel stores wrong access password anywhere?	Security	4	Feb 7, 2011
	Where does cpanel store the whm remote access key?	Security	1	Jan 12, 2011
A	IP Deny - Where does it go?	Security	2	Oct 8, 2007

Search

Search

Where does cPanel add the Content-Security-Policy (CSP) header?

Jay3570

Active Member

cPanelLauren

Product Owner II

Jay3570

Active Member

cPanelKenneth

cPanel Development