What is covered in this article?
What is Content-Security-Policy?
Content-Security-Policy is the name of a HTTP response header that modern browsers use to enhance the security of the document (or web page). The Content-Security-Policy header allows you to restrict how resources such as JavaScript, CSS, or pretty much anything that the browser loads. Although it is primarily used as a HTTP response header, you can also apply it via a meta tag. The term Content Security Policy is often abbreviated as CSP.
Making Enquiry Tracker Forms work with CSP
To allow the loading of Enquiry Tracker forms on your school website. The code below must be added to the web server config file - *.conf.
For example, the line below is for an Apache web server
Header set Content-Security-Policy "child-src app.enquirytracker.net;”
Once this has been addd, the forms will load correctly on your site.