{"id":3361,"date":"2025-04-16T07:18:46","date_gmt":"2025-04-16T07:18:46","guid":{"rendered":"https:\/\/www.skybridgeinfotech.com\/blog\/?p=3361"},"modified":"2025-06-24T10:40:22","modified_gmt":"2025-06-24T10:40:22","slug":"content-security-policy-in-sitecore","status":"publish","type":"post","link":"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/","title":{"rendered":"Content Security Policy in Sitecore"},"content":{"rendered":"\n<h2 class=\"wp-block-heading has-ast-global-color-5-color has-midnight-gradient-background has-text-color has-background has-link-color wp-elements-23405eadf24c52c72cdb7ea6c8fce95c\"><strong><strong><strong>Content Security Policy in Sitecore<\/strong><\/strong><\/strong><\/h2>\n\n\n\n<p>Did you hear your website is failed on the content audit before it is going live? Mentioning that the implementation has the incorrect or missing Content security policy domains. Basically, Content security policy is helps to prevent or minimize from certain types of threats. <\/p>\n\n\n\n<p><strong>What is CSP and it is purpose?<\/strong><\/p>\n\n\n\n<p>As per the <a href=\"https:\/\/content-security-policy.com\/\">https:\/\/content-security-policy.com\/<\/a> the CSP is the name of a Http response header that modern browser use to enhance the security of the document or a web page.<\/p>\n\n\n\n<p>The main purpose of the CSP is to prevent XSS (Cross Site Scripting) attacks and it is preventing to load the unauthorize or harmful content your website. Cross site scripting is basically to attack the website by using the script injections from another domain and CSP (Content Security Policy) is define that which domain should be allowed to what type of the content on the document or a website.<\/p>\n\n\n\n<p>By chance the CSS or JS is hosted on the external website like CDN\u2019s and those CDN hosts should be listed under some directives like default &#8211; src. There are more directives are there will see details in the below,<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td><strong>Directives<\/strong><\/td><td><strong>Purposes<\/strong><\/td><\/tr><tr><td>default-src<\/td><td>It defines the default policy to fetching resources such as JavaScript, CSS, fonts, AJAX requests, Frames, HTML5 Media.<\/td><\/tr><tr><td>script-src<\/td><td>This directive is used to define the JavaScript resources.<\/td><\/tr><tr><td>style-src<\/td><td>This directive is used to obtain the CSS resources.<\/td><\/tr><tr><td>img-src<\/td><td>This directive is used to obtain the external images.<\/td><\/tr><tr><td>connect-src<\/td><td>It helps define the AJAX, WebSocket, fetch() event sources.<\/td><\/tr><tr><td>font-src<\/td><td>This directive supports fonts sources.<\/td><\/tr><tr><td>media-src<\/td><td>This directive is used to obtain the source of audio and videos.<\/td><\/tr><tr><td>frame-src<\/td><td>It helps to load the valid iframes on the document or a website.<\/td><\/tr><\/tbody><\/table><figcaption class=\"wp-element-caption\">The expressions are the key to instruct the directive which means based on this expression the directive resources will be react on the website.<\/figcaption><\/figure>\n\n\n\n<figure class=\"wp-block-table\"><table><thead><tr><th><strong>Source expression<\/strong><\/th><th class=\"has-text-align-left\" data-align=\"left\"><strong>Purpose<\/strong><\/th><\/tr><\/thead><tbody><tr><td>\u2018self\u2019<\/td><td class=\"has-text-align-left\" data-align=\"left\">It allows to load the resources only from the host origin.<\/td><\/tr><tr><td>\u2018unsafe-inline\u2019<\/td><td class=\"has-text-align-left\" data-align=\"left\">It allows to use the style, onclick attributes or inline scripts in the website<\/td><\/tr><tr><td>\u2018unsafe-eval\u2019<\/td><td class=\"has-text-align-left\" data-align=\"left\">It allows to use the script functions function (), eval (), setTimeout () which commonly used on the scripts.<\/td><\/tr><tr><td>\u2018none\u2019<\/td><td class=\"has-text-align-left\" data-align=\"left\">It will prevent to load the resources from the directives.<\/td><\/tr><tr><td>\u2018*\u2019<\/td><td class=\"has-text-align-left\" data-align=\"left\">Allows all resources from the directives.<\/td><\/tr><\/tbody><\/table><figcaption class=\"wp-element-caption\"><strong>Content Security Policy Examples and Validations<\/strong><br><br><strong>Examples:<\/strong><br><em>default-src \u2018self\u2019 <\/em>It allows everything from the same origin of the website.<br><em>script-src \u2018self\u2019 <\/em>It allows scripts from the same origin of the website.<br><em>script-src \u2018self\u2019 <\/em><a href=\"http:\/\/www.google-analytics.com\"><em>www.google &#8211; analytics.com<\/em><\/a> It allows script from the google analytics and same origin.<br><br><strong>Validations:<\/strong><br><br><em>Refused to load the script &#8216;script-uri&#8217; because it violates the following Content Security Policy directive: &#8220;your CSP directive&#8221;.<\/em><br>This error message when the content security policy doesn\u2019t match with define policy for the website and the error messages may vary with different browser but message is the same. Let say if other than the mentioned origin script is try to load on the website it will through above error.<br><br><strong>Ways to implement the CSP<\/strong><br><br>There are multiple ways to implement the Content Security Policy for the website here I am trying to explain the with .Net or event Sitecore.<br><br>In the .Net or Sitecore projects the simplest way to implement the CSP is Web.config file, the implementation is below like this,<\/figcaption><\/figure>\n\n\n\n<p><em><strong>&lt;httpProtocol&gt;<\/strong><\/em><\/p>\n\n\n\n<p><em>&nbsp; &lt;customHeaders&gt;<\/em><\/p>\n\n\n\n<p><em>&nbsp;&nbsp;&nbsp; &lt;remove name=&#8221;X-Powered-By&#8221; \/&gt;<\/em><\/p>\n\n\n\n<p><em>&nbsp;&nbsp;&nbsp; &lt;remove name=&#8221;X-Content-Type-Options&#8221;\/&gt;<\/em><\/p>\n\n\n\n<p><em>&nbsp;&nbsp;&nbsp; &lt;remove name=&#8221;X-XSS-Protection&#8221;\/&gt;<\/em><\/p>\n\n\n\n<p><em>&nbsp;&nbsp;&nbsp; &lt;remove name=&#8221;Content-Security-Policy&#8221;\/&gt;<\/em><\/p>\n\n\n\n<p><em>&nbsp;&nbsp;&nbsp; &lt;add name=&#8221;X-XSS-Protection&#8221; value=&#8221;1; mode=block&#8221;\/&gt;<\/em><\/p>\n\n\n\n<p><em>&nbsp;&nbsp;&nbsp; &lt;add name=&#8221;X-Content-Type-Options&#8221; value=&#8221;nosniff &#8220;\/&gt;<\/em><\/p>\n\n\n\n<p><em>&nbsp;&nbsp;&nbsp; &lt;add name=&#8221;Content-Security-Policy&#8221; value=&#8221;default-src &#8216;self&#8217; &#8216;unsafe-inline&#8217; &#8216;unsafe-eval&#8217; https:\/\/apps.sitecore.net; script-src &#8216;self&#8217; &#8216;unsafe-inline&#8217; &#8216;unsafe-eval&#8217; https:\/\/www.googletagmanager.com https:\/\/www.google-analytics.com https:\/\/www.buzzsprout.com; img-src &#8216;self&#8217; data: https:\/\/assets.buzzsprout.com https:\/\/bat.bing.com; style-src &#8216;self&#8217; &#8216;unsafe-inline&#8217; https:\/\/fonts.googleapis.com https:\/\/cloud.typenetwork.com https:\/\/assets.buzzsprout.com; font-src &#8216;self&#8217; &#8216;unsafe-inline&#8217; https:\/\/fonts.gstatic.com https:\/\/cloud.typenetwork.com; child-src &#8216;self&#8217; &#8216;unsafe-inline&#8217; https:\/\/player.brightcove.net https:\/\/www.buzzsprout.com; upgrade-insecure-requests;&nbsp; block-all-mixed-content;&#8221;\/&gt;&nbsp;&nbsp;&nbsp;<\/em><\/p>\n\n\n\n<p><em>&nbsp; &lt;\/customHeaders&gt;<\/em><\/p>\n\n\n\n<p><em>&lt;\/httpProtocol&gt;<\/em><\/p>\n\n\n\n<p>Other ways to implement the CSP by programmatically that I will explain in detail with upcoming blog series.<\/p>\n\n\n\n<p class=\"has-ast-global-color-5-color has-midnight-gradient-background has-text-color has-background has-link-color wp-elements-88e6103117bcc1777ab5025654494569\"><strong>Conclusion<\/strong><\/p>\n\n\n\n<p>The Content Security Policy is helps to protect the website from the attacks and more of security purposes this CSP is common thing for the for the all public websites to make the website safe and secure. There are pros and cons of the CSP implementations each one has it\u2019s own purpose and let\u2019s discuss this in a upcoming blog series.<\/p>\n\n\n\n<p>Skybridge Infotech, a Sitecore Certified Implementation Partner, emphasizes robust security practices in their Sitecore projects, including the implementation of Content Security Policies (CSP).<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Content Security Policy in Sitecore Did you hear your website is failed on the content audit before it is going [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":3413,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"blog-details.php","format":"standard","meta":{"_acf_changed":false,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[91,872],"tags":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.0 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\r\n<title>Content Security Policies In Sitecore - Skybridge Infotech USA India<\/title>\r\n<meta name=\"description\" content=\"Skybridge Infotech, a Sitecore Certified Implementation Partner, emphasizes robust security practices in their Sitecore projects, including the implementation of Content Security Policies (CSP).\" \/>\r\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\r\n<link rel=\"canonical\" href=\"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/\" \/>\r\n<meta property=\"og:locale\" content=\"en_US\" \/>\r\n<meta property=\"og:type\" content=\"article\" \/>\r\n<meta property=\"og:title\" content=\"Content Security Policies in Sitecore - Skybridge Infotech USA India\" \/>\r\n<meta property=\"og:description\" content=\"Skybridge Infotech, a Sitecore Certified Implementation Partner, emphasizes robust security practices in their Sitecore projects, including the implementation of Content Security Policies (CSP).\" \/>\r\n<meta property=\"og:url\" content=\"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/\" \/>\r\n<meta property=\"og:site_name\" content=\"Skybridge\" \/>\r\n<meta property=\"article:published_time\" content=\"2025-04-16T07:18:46+00:00\" \/>\r\n<meta property=\"article:modified_time\" content=\"2025-06-24T10:40:22+00:00\" \/>\r\n<meta property=\"og:image\" content=\"http:\/\/www.skybridgeinfotech.com\/blog\/wp-content\/uploads\/2025\/06\/9_Content-Security-Policy-in-Sitecore.png\" \/>\r\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\r\n\t<meta property=\"og:image:height\" content=\"800\" \/>\r\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\r\n<meta name=\"author\" content=\"admin\" \/>\r\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\r\n<meta name=\"twitter:title\" content=\"Content Security Policies in Sitecore - Skybridge Infotech USA India\" \/>\r\n<meta name=\"twitter:description\" content=\"Skybridge Infotech, a Sitecore Certified Implementation Partner, emphasizes robust security practices in their Sitecore projects, including the implementation of Content Security Policies (CSP).\" \/>\r\n<meta name=\"twitter:image\" content=\"https:\/\/www.skybridgeinfotech.com\/blog\/wp-content\/uploads\/2025\/06\/9_Content-Security-Policy-in-Sitecore.png\" \/>\r\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\r\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":[\"Article\",\"BlogPosting\"],\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/#\/schema\/person\/0f15f3349a8eea9f6c89ae7dac0f3cbc\"},\"headline\":\"Content Security Policy in Sitecore\",\"datePublished\":\"2025-04-16T07:18:46+00:00\",\"dateModified\":\"2025-06-24T10:40:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/\"},\"wordCount\":815,\"publisher\":{\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.skybridgeinfotech.com\/blog\/wp-content\/uploads\/2025\/06\/9_Content-Security-Policy-in-Sitecore.png\",\"articleSection\":[\"Web Design and Development\",\"Web Development\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/\",\"url\":\"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/\",\"name\":\"Content Security Policies In Sitecore - Skybridge Infotech USA India\",\"isPartOf\":{\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.skybridgeinfotech.com\/blog\/wp-content\/uploads\/2025\/06\/9_Content-Security-Policy-in-Sitecore.png\",\"datePublished\":\"2025-04-16T07:18:46+00:00\",\"dateModified\":\"2025-06-24T10:40:22+00:00\",\"description\":\"Skybridge Infotech, a Sitecore Certified Implementation Partner, emphasizes robust security practices in their Sitecore projects, including the implementation of Content Security Policies (CSP).\",\"breadcrumb\":{\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/#primaryimage\",\"url\":\"https:\/\/www.skybridgeinfotech.com\/blog\/wp-content\/uploads\/2025\/06\/9_Content-Security-Policy-in-Sitecore.png\",\"contentUrl\":\"https:\/\/www.skybridgeinfotech.com\/blog\/wp-content\/uploads\/2025\/06\/9_Content-Security-Policy-in-Sitecore.png\",\"width\":1200,\"height\":800,\"caption\":\"Content Security Policies In Sitecore - Skybridge Infotech USA India\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.skybridgeinfotech.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Content Security Policy in Sitecore\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/#website\",\"url\":\"https:\/\/www.skybridgeinfotech.com\/blog\/\",\"name\":\"Skybridge\",\"description\":\"Skybridge\",\"publisher\":{\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.skybridgeinfotech.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/#organization\",\"name\":\"Skybridge\",\"url\":\"https:\/\/www.skybridgeinfotech.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"http:\/\/www.skybridgeinfotech.com\/blog\/wp-content\/uploads\/2024\/02\/logo.png\",\"contentUrl\":\"http:\/\/www.skybridgeinfotech.com\/blog\/wp-content\/uploads\/2024\/02\/logo.png\",\"width\":197,\"height\":73,\"caption\":\"Skybridge\"},\"image\":{\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/#\/schema\/person\/0f15f3349a8eea9f6c89ae7dac0f3cbc\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.skybridgeinfotech.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/118323199c026a712094dacfeb0b28dc?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/118323199c026a712094dacfeb0b28dc?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/www.skybridgeinfotech.com\/blog\"],\"url\":\"https:\/\/www.skybridgeinfotech.com\/blog\/author\/admin\/\"}]}<\/script>\r\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Content Security Policies In Sitecore - Skybridge Infotech USA India","description":"Skybridge Infotech, a Sitecore Certified Implementation Partner, emphasizes robust security practices in their Sitecore projects, including the implementation of Content Security Policies (CSP).","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/","og_locale":"en_US","og_type":"article","og_title":"Content Security Policies in Sitecore - Skybridge Infotech USA India","og_description":"Skybridge Infotech, a Sitecore Certified Implementation Partner, emphasizes robust security practices in their Sitecore projects, including the implementation of Content Security Policies (CSP).","og_url":"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/","og_site_name":"Skybridge","article_published_time":"2025-04-16T07:18:46+00:00","article_modified_time":"2025-06-24T10:40:22+00:00","og_image":[{"width":1200,"height":800,"url":"http:\/\/www.skybridgeinfotech.com\/blog\/wp-content\/uploads\/2025\/06\/9_Content-Security-Policy-in-Sitecore.png","type":"image\/png"}],"author":"admin","twitter_card":"summary_large_image","twitter_title":"Content Security Policies in Sitecore - Skybridge Infotech USA India","twitter_description":"Skybridge Infotech, a Sitecore Certified Implementation Partner, emphasizes robust security practices in their Sitecore projects, including the implementation of Content Security Policies (CSP).","twitter_image":"https:\/\/www.skybridgeinfotech.com\/blog\/wp-content\/uploads\/2025\/06\/9_Content-Security-Policy-in-Sitecore.png","twitter_misc":{"Written by":"admin","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":["Article","BlogPosting"],"@id":"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/#article","isPartOf":{"@id":"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/"},"author":{"name":"admin","@id":"https:\/\/www.skybridgeinfotech.com\/blog\/#\/schema\/person\/0f15f3349a8eea9f6c89ae7dac0f3cbc"},"headline":"Content Security Policy in Sitecore","datePublished":"2025-04-16T07:18:46+00:00","dateModified":"2025-06-24T10:40:22+00:00","mainEntityOfPage":{"@id":"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/"},"wordCount":815,"publisher":{"@id":"https:\/\/www.skybridgeinfotech.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/#primaryimage"},"thumbnailUrl":"https:\/\/www.skybridgeinfotech.com\/blog\/wp-content\/uploads\/2025\/06\/9_Content-Security-Policy-in-Sitecore.png","articleSection":["Web Design and Development","Web Development"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/","url":"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/","name":"Content Security Policies In Sitecore - Skybridge Infotech USA India","isPartOf":{"@id":"https:\/\/www.skybridgeinfotech.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/#primaryimage"},"image":{"@id":"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/#primaryimage"},"thumbnailUrl":"https:\/\/www.skybridgeinfotech.com\/blog\/wp-content\/uploads\/2025\/06\/9_Content-Security-Policy-in-Sitecore.png","datePublished":"2025-04-16T07:18:46+00:00","dateModified":"2025-06-24T10:40:22+00:00","description":"Skybridge Infotech, a Sitecore Certified Implementation Partner, emphasizes robust security practices in their Sitecore projects, including the implementation of Content Security Policies (CSP).","breadcrumb":{"@id":"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/#primaryimage","url":"https:\/\/www.skybridgeinfotech.com\/blog\/wp-content\/uploads\/2025\/06\/9_Content-Security-Policy-in-Sitecore.png","contentUrl":"https:\/\/www.skybridgeinfotech.com\/blog\/wp-content\/uploads\/2025\/06\/9_Content-Security-Policy-in-Sitecore.png","width":1200,"height":800,"caption":"Content Security Policies In Sitecore - Skybridge Infotech USA India"},{"@type":"BreadcrumbList","@id":"https:\/\/www.skybridgeinfotech.com\/blog\/content-security-policy-in-sitecore\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.skybridgeinfotech.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Content Security Policy in Sitecore"}]},{"@type":"WebSite","@id":"https:\/\/www.skybridgeinfotech.com\/blog\/#website","url":"https:\/\/www.skybridgeinfotech.com\/blog\/","name":"Skybridge","description":"Skybridge","publisher":{"@id":"https:\/\/www.skybridgeinfotech.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.skybridgeinfotech.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.skybridgeinfotech.com\/blog\/#organization","name":"Skybridge","url":"https:\/\/www.skybridgeinfotech.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.skybridgeinfotech.com\/blog\/#\/schema\/logo\/image\/","url":"http:\/\/www.skybridgeinfotech.com\/blog\/wp-content\/uploads\/2024\/02\/logo.png","contentUrl":"http:\/\/www.skybridgeinfotech.com\/blog\/wp-content\/uploads\/2024\/02\/logo.png","width":197,"height":73,"caption":"Skybridge"},"image":{"@id":"https:\/\/www.skybridgeinfotech.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.skybridgeinfotech.com\/blog\/#\/schema\/person\/0f15f3349a8eea9f6c89ae7dac0f3cbc","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.skybridgeinfotech.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/118323199c026a712094dacfeb0b28dc?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/118323199c026a712094dacfeb0b28dc?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/www.skybridgeinfotech.com\/blog"],"url":"https:\/\/www.skybridgeinfotech.com\/blog\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/www.skybridgeinfotech.com\/blog\/wp-json\/wp\/v2\/posts\/3361"}],"collection":[{"href":"https:\/\/www.skybridgeinfotech.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.skybridgeinfotech.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.skybridgeinfotech.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.skybridgeinfotech.com\/blog\/wp-json\/wp\/v2\/comments?post=3361"}],"version-history":[{"count":6,"href":"https:\/\/www.skybridgeinfotech.com\/blog\/wp-json\/wp\/v2\/posts\/3361\/revisions"}],"predecessor-version":[{"id":3370,"href":"https:\/\/www.skybridgeinfotech.com\/blog\/wp-json\/wp\/v2\/posts\/3361\/revisions\/3370"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.skybridgeinfotech.com\/blog\/wp-json\/wp\/v2\/media\/3413"}],"wp:attachment":[{"href":"https:\/\/www.skybridgeinfotech.com\/blog\/wp-json\/wp\/v2\/media?parent=3361"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.skybridgeinfotech.com\/blog\/wp-json\/wp\/v2\/categories?post=3361"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.skybridgeinfotech.com\/blog\/wp-json\/wp\/v2\/tags?post=3361"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}