HTTP security headers are a fundamental part of website security. Upon implementation, they protect you against the types of attacks that your site is most likely to come across. These headers protect against XSS, code injection, clickjacking, etc.
With SecureNative it's easy to set security headers in a few clicks without the need to restart your application:
Enabling security header
To enable a security header click on a security header name and select the desired value from the list.
Note: You can click on the information icon to get full details about the security header:
CSP (Content Security Policy)
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement to the distribution of malware.
Configuring CSP Policy
SecureNative will automatically detects and collects the external content sources that violates your CSP policies, once you have loaded your web application in your browser you can see violations in your browser.