On this page can set the __Content Security Policy (CSP)__ and various other security HTTP headers.\\
External link\\ 
[https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP|https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP]
\\ 
[{Image src='webinterfacecsp.jpg' width='..' height='..' align='left' style='..' class='..' }]\\
\\
The CSP header comes with default policy 
{{{
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval'
}}}
\\\
not visible in the GUI. The __Domains Allowed__ field extend the policy with external source domain directives.\\
The __Other Headers__ section comes prefilled with STS, Referrer-Policy, X-Content-Type and XSS policy headers. \\
Can add up to 20 additional headers in this section, this may be extended in future releases.\\