Browse Source

mention the importance of CSP headers in the readme

master
ansuz 3 years ago
parent
commit
304c7b7fe4
1 changed files with 5 additions and 0 deletions
  1. 5
      readme.md

5
readme.md

@ -47,6 +47,11 @@ Attributes in the config should have comments indicating how they are used.
$EDITOR config.js
```
If you are deploying CryptPad in a production environment, we recommend that you take the time to understand and correctly customize your server's [Content Security Policy headers](https://content-security-policy.com/).
Modern browsers use these headers to allow or deny actions from malicious clients which could compromise the confidentiality of your user's data.
These settings can be found in your configuration file in the `contentSecurity` and `padContentSecurity` sections.
## Maintenance
To get access to the most recent codebase:

Loading…
Cancel
Save