web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Pages / Implementation of Cont...
Power Pages
Unanswered

Implementation of Content Security Policy impacting the performance of the site

(0) ShareShare
ReportReport
Posted on by 26

We implemented the Content Security Policy in our power pages site, but now CSS and JS is loading very slowly for each and every web page.

Is there any resolution in which we can implement CSP and it does not impact the performance of the website?

Categories:
I have the same question (0)
  • Lucas001 Profile Picture
    2,529 Super User 2026 Season 1 on at

    Hi @NikhilDey,

     

    it not affect your page loading time. Did you try it again some time later?

    Can you have a look at the network data and see what's taking so long and if it's really js and css.

     

    Did you implement a third party plugin or something similar? These seems to affect the loading time with enabled CSP.

     

  • NikhilDey Profile Picture
    26 on at

    Hi @Lucas001 ,

    Thank you for your reply.

     

    We have added the site settings in the power portal management, "HTTP/Content-Security-Policy" with value "script-src https: 'nonce'" due to which we are facing the performance issue.

    I think this may be happening because it is matching cryptographical nonce value with the above mentioned site settings header, which might have increased the processing time for applying the inline scripts.

     

    In our site we are not using any third party plugins as such which will increase the loading time significantly.

  • OOlashyn Profile Picture
    3,496 Most Valuable Professional on at

    Hi @NikhilDey ,

    Can you try to set HTTP/Content-Security-Policy/Inject-unsafe-eval to False and see if that improves things? Basically, when you enable CSP Power Pages inserts unsafe-eval to support automatic-evaluation of unsafe code (see at the end of this article https://learn.microsoft.com/en-us/power-pages/security/manage-content-security-policy) which in theory might affect performance. Keep in mind - this is needed for basic and multi-step forms so setting this to false might affect them. I would advise opening a ticket with MS regarding this - CSP shouldn't affect performance and I had instances in the past where after updating some site settings portal was slower and opening a ticket with MS and them doing something on the backend fixed that.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Users!

Kudos to our 2025 Community Spotlight Honorees

Congratulations to our 2025 community superstars!

Leaderboard > Power Pages

#1
Hammed Profile Picture

Hammed 22

#2
Lucas001 Profile Picture

Lucas001 21 Super User 2026 Season 1

#3
DP_Prabh Profile Picture

DP_Prabh 19

Last 30 days Overall leaderboard