WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] Content Security Policy for a wordpress site (3 posts)

  1. terungwa
    Member
    Posted 11 months ago #

    in mitigating the risk of cross-site scripting and other content-injection attacks I set up a Content Security Policy which whitelists trusted sources of content for my site.

    In crafting a reasonable policy for my site i have set out to creating a whitelist of scripts, I needed to know the different sources of scripts loaded by wordpress as it is impossible to come up with a reasonable policy without this details.

    I was wondering if anyone has dealt with this issue on their site.

    I would appreciate feedback.

    Regards to all.

  2. esmi
    Forum Moderator
    Posted 11 months ago #

    WordPress itself does not load scripts from anywhere else. It is completely self-contained. as yo your theme and plugins - you'll need to investigate each of them separately.

  3. terungwa
    Member
    Posted 11 months ago #

    Thanks, one less variable to deal with on my list.

Reply

You must log in to post.

About this Topic