19.2 How to secure a Web Page

1.  Create the Content Security Policy External Resource in the Partition CSP LANSA folder that you want to use with your web page:

2.  Edit the contents of your Content Security Policy:

a.  The Content Security Policy External Resource is a text file with lines for each directive (name-values). The text file must be encoded in UTF-8.

b.  If your style-src and script-src keywords don't include the 'unsafe-inline' value, you must add a nonce attribute (represented by the replacement variable %{nonce_hdr}%

3.  Edit the settings of your Web Page and select your Content Security Policy.

4.  Save and recompile your Web Page.

5.  Run your web page. The contents of your CSP external resource file are sent as HTTP headers.