05-01-2020, 02:38 PM
Hi,
CSP is not easy to implement in any circumstance, even if you have a static web site composed only of a bunch of HTML, CSS and JS files. On the contrary, CSP is hard... depending on the level of your requirements it can be *very* hard. Believe me, I've been there.
It is much simpler for you to just migrate to latest IW 15 and use the built-in functionality which is already prepared.
The problem is not only adding CSP headers to your response. All HTML, CSS and JS needs to be also considered and probably changed in order to comply with CSP.
CSP is not easy to implement in any circumstance, even if you have a static web site composed only of a bunch of HTML, CSS and JS files. On the contrary, CSP is hard... depending on the level of your requirements it can be *very* hard. Believe me, I've been there.
It is much simpler for you to just migrate to latest IW 15 and use the built-in functionality which is already prepared.
The problem is not only adding CSP headers to your response. All HTML, CSS and JS needs to be also considered and probably changed in order to comply with CSP.