Walter.Web.FireWall
AddContentSecurityPolicyButTrust(TrustingSites,Boolean,FramesPolicy,Boolean) Method
Walter.Web.FireWall Assembly > Walter.Web.FireWall.Headers Namespace > ISecurityHeadersBuilder Interface > AddContentSecurityPolicyButTrust Method : AddContentSecurityPolicyButTrust(TrustingSites,Boolean,FramesPolicy,Boolean) Method
the list of sites you like to trust
AllowRaiseIncident in-line css and script, not advisable as it brakes security but sometimes needed
the frame policy used
if true it will only report violations in the browser, the firewall however will detect the violation and will trigger the appropriate firewall rules for CSP violators as well as flag the user as such
Determine what to trust, if only your own domain or those you flag trustworthy, and if external images or scripts are allowed to be injected
Syntax

Parameters

trustingSites
the list of sites you like to trust
allowInline
AllowRaiseIncident in-line css and script, not advisable as it brakes security but sometimes needed
framesPolicy
the frame policy used
reportOnly
if true it will only report violations in the browser, the firewall however will detect the violation and will trigger the appropriate firewall rules for CSP violators as well as flag the user as such

Return Value

returns the SecurityHeadersBuilder for continuance
Remarks
Content can be filtered when CSP violations have been detected post rendering after a browser reports it. Please note that malicious bots do not care about CSP policies and will use it to attack your site using exactly these policies that you think you're protecting against.
Requirements

Target Platforms: Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

See Also

Reference

ISecurityHeadersBuilder Interface
ISecurityHeadersBuilder Members
Overload List