[RCU] Content Security Policy for Roundcube
jlbrown at bordo.com.au
Thu Jul 25 10:23:41 CEST 2019
Additionally at logout I get the message
"PHP Error: Request security check failed
REQUEST CHECK FAILED
For your protection, access to this resource is secured against CSRF.
If you see this, you probably didn't log out before leaving the web application.
Human interaction is now required to continue."
Please contact your server-administrator.
Commenting out the CSP line in https.conf fixed it.
Header set Content-Security-Policy "default-src 'self'; form-action 'self'; frame-ancestors 'self'; base-uri ‘self'
Is there a recommended CSP for Roundcube?
More information about the users