We are having a problem with NWebsec and Umbraco - we are trying to secure our site as much as possible therefore have unsafeEval and unsafeInline turned off - this then breaks umbraco.
In v8 we could add a second web.config into the Umbraco folder and then enable unsafeeval and unsafeinline specifically within that web config to allow the back office to load.
Now within v9 we can no longer do that - does anyone know a way around having to enable unsafeEval and unsafeInline in order to get Umbraco to load.
Umbraco 9 setup - Content security policy
Hi all,
We are having a problem with NWebsec and Umbraco - we are trying to secure our site as much as possible therefore have unsafeEval and unsafeInline turned off - this then breaks umbraco.
In v8 we could add a second web.config into the Umbraco folder and then enable unsafeeval and unsafeinline specifically within that web config to allow the back office to load.
Now within v9 we can no longer do that - does anyone know a way around having to enable unsafeEval and unsafeInline in order to get Umbraco to load.
Thanks Dale
is working on a reply...