How to add a content security policy

Content Security Policy (CSP) is a browser feature that helps to detect and prevent certain types of attacks, mostly Cross-Site Scripting (XSS). While Framer sites are secure by default, a CSP can function as an additional layer of security.

You can add a Content Security Policy in Framer by setting a meta tag via custom code. The policy applies to everything after the tag, so make sure you set it at the start of the head tag and always insert additional scripts after it.

Example Content Security Policy. Note that the policy in the screenshot will intentionally make the site break; please use a tool like Report URI to create your own.

Content Security Policy meta tag vs Content Security Policy header

The meta tag has the same effect as setting the policy via HTTP headers, the only drawback being somewhat worse site performance. If you want to set the policy via headers, you need to configure a reverse proxy.
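The following check is an added example, not Framer's code: it audits the head markup of a page for elements placed before the CSP meta tag, which the policy does not cover, and for the directives the CSP specification ignores in meta delivery (frame-ancestors, report-uri, sandbox), which need the header route. The function names and the sample markup are assumptions constructed for illustration.

```javascript
// Directives the CSP specification ignores when the policy is delivered
// in a <meta> element rather than an HTTP header.
const IGNORED_IN_META = ["frame-ancestors", "report-uri", "sandbox"];

// Split a policy string into a Map of directive name -> source list.
function parsePolicy(policy) {
  const directives = new Map();
  for (const part of policy.split(";")) {
    const [name, ...values] = part.trim().split(/\s+/);
    // The first occurrence of a directive wins; later duplicates are ignored.
    if (name && !directives.has(name.toLowerCase())) {
      directives.set(name.toLowerCase(), values);
    }
  }
  return directives;
}

// Audit the markup of a <head>, passed as a string, and return findings.
function auditHead(headHtml) {
  const metaRe =
    /<meta\b[^>]*http-equiv\s*=\s*["']?content-security-policy["']?[^>]*>/i;
  const meta = metaRe.exec(headHtml);
  if (!meta) return ["no CSP meta tag found"];

  const findings = [];
  const content = /\bcontent\s*=\s*(?:"([^"]*)"|'([^']*)')/i.exec(meta[0]);
  const policy = parsePolicy(content ? content[1] ?? content[2] : "");
  if (policy.size === 0) findings.push("CSP meta tag has an empty policy");

  // Elements that precede the tag are not governed by the policy.
  const before = headHtml.slice(0, meta.index);
  for (const tag of before.match(/<(?:script|link|style)\b[^>]*>/gi) || []) {
    findings.push(`precedes the CSP meta tag: ${tag}`);
  }
  for (const name of IGNORED_IN_META) {
    if (policy.has(name)) findings.push(`${name} is ignored in a meta tag`);
  }
  return findings;
}

// Constructed sample head: one script is placed before the policy.
const sampleHead = `
<script src="https://example.com/early.js"></script>
<meta http-equiv="Content-Security-Policy"
      content="default-src 'self'; script-src 'self' https://example.com; frame-ancestors 'none'">
<script src="https://example.com/late.js"></script>`;

console.log(auditHead(sampleHead));
```

An empty result means the tag comes first and every directive in it is honoured in meta delivery.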