Replies: 0
Hey guys,
I have a problem with my Forminator plugin. I want to increase the security of my website. Here https://securityheaders.com/ I get:
This policy contains ‘unsafe-inline’ which is dangerous in the script-src directive. This policy contains ‘unsafe-eval’ which is dangerous in the script-src
Header always set Content-Security-Policy "upgrade-insecure-requests; script-src 'self' 'unsafe-inline' 'unsafe-eval' static.cloudflareinsights.com www.google.com www.gstatic.com www.fonts.gstatic.com www.api.openai.com code.jquery.com www.google.com/recaptcha/ www.static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 www.cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js cdnjs.cloudflare.com www.cdnjs.cloudflare.com cdn-cookieyes.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com *.googleusercontent.com blob:; frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ *.google.com https://www.google.com/maps/ www.metercustom.net/test/;"
Everything works fine after getting rid of unsafe-eval, except for the Contact Form from Forminator.
So can someone help?
Header always set Content-Security-Policy "upgrade-insecure-requests; script-src 'self' static.cloudflareinsights.com www.google.com www.gstatic.com www.fonts.gstatic.com www.api.openai.com code.jquery.com www.google.com/recaptcha/ cdnjs.cloudflare.com cdn-cookieyes.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com *.googleusercontent.com blob:; frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ *.google.com https://www.google.com/maps/ www.metercustom.net/test/;"