Forum Discussion

Cirrus

Aug 15, 2023

Solved

captcha not show after enable header security

I have a problem when i enable header security link article https://my.f5.com/manage/s/article/K57207881 But captcha not show How to check this problem

application delivery

Amine_Kadimi

Aug 21, 2023

You need then to allow google recaptcha URLs. Something like that:

if {!([HTTP::header exists "Content-Security-Policy"])} {
       HTTP::header insert Content-Security-Policy "default-src 'self'; script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; font-src 'self'; img-src 'self'; frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; upgrade-insecure-requests"
}

Frequently Asked Questions | reCAPTCHA | Google for Developers

Amine_Kadimi

MVP

Aug 17, 2023

What exact captcha are you referring to?

What is the security headers configuration you've implemented?

Anzine321

Cirrus

Aug 17, 2023

the format that i inspect png, and image broken

i removed this rule and the captcha show again, i dont know what exactly should i modify this parameter

if {!([HTTP::header exists "Content-Security-Policy"])} {
HTTP::header insert Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self'; font-src 'self'; img-src 'self'; frame-src 'self'; upgrade-insecure-requests"

Thanks

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)