Best video I have ever seen on CSP, can you please assist any resource to apply CSP to my dotnet core api + angular application, I have implemented dynamic nonce in my application from server side but still in the document inside network tab (the very first sub tab behind fetch/xhr tab i.e inside all subtab) for every route or page it is still showing unsafe inline and unsafe eval.., although it is showing correct in the endpoints or inside requests under fetch/xhr under network tab, any resource or suggestions will help... Thaks
Honestly I have little to no experience with Dotnet, but the logic is pretty much the same. I assume that the backend only sets the headers here correct? Do you use nginx to serve your app?
And the fun part is, it's not showing under the document tab when I run it in local environment, after deployment it is showing incorrect under document tab
Hello @Code Deck , could you please push your changes to github.
Best video I have ever seen on CSP, can you please assist any resource to apply CSP to my dotnet core api + angular application, I have implemented dynamic nonce in my application from server side but still in the document inside network tab (the very first sub tab behind fetch/xhr tab i.e inside all subtab) for every route or page it is still showing unsafe inline and unsafe eval.., although it is showing correct in the endpoints or inside requests under fetch/xhr under network tab, any resource or suggestions will help... Thaks
Honestly I have little to no experience with Dotnet, but the logic is pretty much the same. I assume that the backend only sets the headers here correct? Do you use nginx to serve your app?
No I am using dotnet core api deployed on azure app services
I am setting the http response headers from the server side i.e. from the backend only
And the fun part is, it's not showing under the document tab when I run it in local environment, after deployment it is showing incorrect under document tab