We have published a test site consisting of some static html, js, css etc.
We’ve enabled the CSP Integration plugin and republished the site, but we cannot see the CSP stuff in the headers or in the html.
We’re obviously doing something wrong, so would appreciate any pointers?
Thanks for the reply and info SamO. I am sorry I thought I had included the domain:
The CSP Integration is enabled, but I do not see the CSP value in the response header or indeed, the nonces on the site?
The site is upload as a static site.
Thanks hrishikesh, we are deploying a static site via netlify-cli, but there is no build process, it is pre-built. I was hoping it would work as we are deploying via netlify-cli rather than drag and drop, but maybe not?
Many thanks hrishikesh, I added the [build] section to our netlify.toml as suggested and all seems to works with the manual build command.
netlify deploy --build --prod
I am I right in thinking as this is a dummy build we only have to run it once? I did try it without the --build and the site seemed to update as expected and kept the CSP?
e.g. netlify deploy --prod