web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

Welcome to the Power Platform Communities
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Pages / Power Pages : Setting ...
Power Pages
Unanswered

Power Pages : Setting Content Security Policy Headers

(1) ShareShare
ReportReport
Posted on by vkartikiyer 20
Hi Team,
 
We have Power Pages website and as per security scan we need to set the CSP policy , I have added few directives for CSP but security scan still shows following directives are missing

default-src
code-injection-objective
form-action-objective
reporting-objective

Let me know if you have any inputs regarding the same.
 
Regards
Categories:
Security
I have the same question (0)
  • Michael E. Gernaey Profile Picture
    Michael E. Gernaey 53,969 Moderator on at
    Hi,
     
    I'd have to see exactly what you set. It should have covered these. I am going to assume you synced etc?
  • vkartikiyer Profile Picture
    vkartikiyer 20 on at
    Hi FLMike ,
     
    Thanks for response.
    I am able to set default-src and other directives , only issue right now script-src tag.
    Following is the setting for CSP

    default-src https: 'unsafe-inline';font-src https: 'unsafe-inline';img-src https: 'unsafe-inline';style-src https: 'unsafe-inline';form-action https: 'unsafe-inline';script-src https: 'nonce' 'unsafe-inline';
     
    script-src tag is not allowing eval function to work without 'unsafe-eval' tag which is highlighted as security issue
    Also , we have inline action which is failing because of script-src settings
    Following is the snapshot

    Without 'unsafe-eval' tag


    Inline event Handler issue with script-src tag

     
     
    Also in Advance setting I don't see any tag for following directives which is reported as security issue
    code-injection-objective
    reporting-objective
     

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Users!

Kudos to our 2025 Community Spotlight Honorees

Congratulations to our 2025 community superstars!

Congratulations to the February Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Pages

#1
DP_Prabh Profile Picture

DP_Prabh 41

#2
oliver.rodrigues Profile Picture

oliver.rodrigues 35 Most Valuable Professional

#3
rezarizvii Profile Picture

rezarizvii 28

Last 30 days Overall leaderboard

Featured topics

Solution to LinkedIn Authentication in Power Apps Portals
Welcome to the Power Pages forum!

Product updates

Microsoft Power Platform Community release plans