Support » Everything else WordPress » Content Security Policy for a wordpress site

  • Resolved terungwa


    in mitigating the risk of cross-site scripting and other content-injection attacks I set up a Content Security Policy which whitelists trusted sources of content for my site.

    In crafting a reasonable policy for my site i have set out to creating a whitelist of scripts, I needed to know the different sources of scripts loaded by wordpress as it is impossible to come up with a reasonable policy without this details.

    I was wondering if anyone has dealt with this issue on their site.

    I would appreciate feedback.

    Regards to all.

Viewing 2 replies - 1 through 2 (of 2 total)
  • esmi


    Forum Moderator

    WordPress itself does not load scripts from anywhere else. It is completely self-contained. as yo your theme and plugins – you’ll need to investigate each of them separately.

    Thanks, one less variable to deal with on my list.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Content Security Policy for a wordpress site’ is closed to new replies.