0👍
The not-so-good approach is to set a CSP using a tag (in the HTML document). So how to implement basic CSP in Vue.js?
To ensure that your server is providing the correct header on all responses, please open the js file containing your application server logic and append the following code:
app.use(function (req, res, next) {
res.setHeader(
'Content-Security-Policy', "default-src 'self'; script-src 'self'; style-src 'self'; font-src 'self'; img-src 'self'; frame-src 'self'"
);
next();
});
Don’t panic if your site looks terrible after this, implementing a proper Content Security Policy requires a lot of testing and correcting.
For more details refer to this guide: How to Enable Content Security
Policy in vuejs.
Source:stackexchange.com