- Content Security Policy
The server supplies headers that indicate the type of content that a page, and its embedded resources, are likely to supply.
Instructions for testing (on Karaf, EAP, and Spring Boot):
- Check the following header is being set in all requests:
- Check the browser console doesn't have any error messages mentioning Content Security Policy.
- Do a quick smoke test.