MyBB Community Forums

Full Version: Security: Content Security Policy
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
You might want to set a content security policy header for privileged areas (ucp, mcp, acp) and the login / registration pages. Ideally, you would do it globally tbh, it should help to kill off any unwanted scripts that might be running for whatever reason, whether it's a XSS flaw or something else.