1 Answer
- Newest
- Most votes
- Most comments
1
Both ALB and WAF are unable to add CSP HTTP header. You can configure your host web server to include the necessary CSP header.
Alternatively, you can put Amazon CloudFront in front of your ALB, and use either a managed or custom Response Headers Policy (screen shot below)
Relevant content
- asked 2 years ago
- asked 5 months ago
- asked 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago