I am working on setting up a content security policy for my site. Documentation about this says to avoid inline script and css, but with WordPress and W3 Total Cache, most everything becomes inline script and css. I can set a content security policy to allow ‘unsafe-inline’ but from what I read, that greatly diminishes the strength of my content security policy.
Any suggestions as to how to set a strong content security policy while using W3TC would be appreciated.
I am using WordFence Premium to protect my site so maybe I am worrying needlessly.
- The topic ‘W3TC and Content Security Policy’ is closed to new replies.