• Welcome to the Chevereto user community!

    Here users from all over the world gather around to learn the latest about Chevereto and contribute with ideas to improve the software.

    Please keep in mind:

    • 😌 This community is user driven. Be polite with other users.
    • 👉 Is required to purchase a Chevereto license to participate in this community (doesn't apply to Pre-sales).
    • 💸 Purchase a Pro Subscription to get access to active software support and faster ticket response times.

Add CSP and Referrer policy

guzzisti

Chevereto Member
Pro
As of version 3.13.4, Chevereto does not come with a Content Security Policy nor a Referrer Policy set.

I set a Referrer Policy by manually editing /app/themes/Peafowl/head.php, but that will most likely be overwritten by the next update.
From my point of view Chevereto should set valid policys respecting user data by default.
 
In Deutsch
-------------
Damit die gemachten manuellen änderungen bei einem Update nicht automatisch überschrieben werden ist es möglich in folgendem Ordner die gewünschte Datei "head.php" anzulegen.

Ordner: /app/themes/Peafowl/custom_hooks

Alternativ kannst Du auch den Ordner Peafowl kopieren und umbennen zum beispiel in "Peafowl_self" und dort deine Änderungen machen ohne das sie bei einem Update verloren gehen können.

--------------------------
Translatet into english
--------------------------
In order to avoid automatically overwriting the manual changes made during an update, it is possible to create the desired file "head.php" in the following folder.

Folder: /app/themes/peafowl/custom_hooks

Alternatively, you can also copy and rename the folder Peafowl for example in "Peafowl_self" and make your changes there without them being lost in an update.
 
@DeCysos Danke für den Hinweis, das hab ich glatt übersehen. :)

@Rodolfo
For Referer Policy i added this meta tag:
HTML:
<meta name="referrer" content="no-referrer">

I have yet to find a working CSP tag.
 
Thanks for your response. According to the provided link, only the Referrer policy is deprecated, not CSP as a whole.

Anyway...i will stick with the custom hocks at the moment.
 
Back
Top