• Welcome to the Chevereto User Community!

    Here, users from all over the world come together to learn, share, and collaborate on everything related to Chevereto. It's a place to exchange ideas, ask questions, and help improve the software.

    Please keep in mind:

    • This community is user-driven. Always be polite and respectful to others.
    • Support development by purchasing a Chevereto license, which also gives you priority support.
    • Go further by joining the Community Subscription for even faster response times and to help sustain this space

Add CSP and Referrer policy

G

guzzisti

Chevereto Member
As of version 3.13.4, Chevereto does not come with a Content Security Policy nor a Referrer Policy set.

I set a Referrer Policy by manually editing /app/themes/Peafowl/head.php, but that will most likely be overwritten by the next update.
From my point of view Chevereto should set valid policys respecting user data by default.
 
In Deutsch
-------------
Damit die gemachten manuellen änderungen bei einem Update nicht automatisch überschrieben werden ist es möglich in folgendem Ordner die gewünschte Datei "head.php" anzulegen.

Ordner: /app/themes/Peafowl/custom_hooks

Alternativ kannst Du auch den Ordner Peafowl kopieren und umbennen zum beispiel in "Peafowl_self" und dort deine Änderungen machen ohne das sie bei einem Update verloren gehen können.

--------------------------
Translatet into english
--------------------------
In order to avoid automatically overwriting the manual changes made during an update, it is possible to create the desired file "head.php" in the following folder.

Folder: /app/themes/peafowl/custom_hooks

Alternatively, you can also copy and rename the folder Peafowl for example in "Peafowl_self" and make your changes there without them being lost in an update.
 
@DeCysos Danke für den Hinweis, das hab ich glatt übersehen. 🙂

@Rodolfo
For Referer Policy i added this meta tag:
HTML: 
<meta name="referrer" content="no-referrer">

I have yet to find a working CSP tag.
 
Thanks for your response. According to the provided link, only the Referrer policy is deprecated, not CSP as a whole.

Anyway...i will stick with the custom hocks at the moment.
 
You must log in or register to reply here.
Back
Top