Skip to content

Too many CSP Whitelist headers

I am getting errors on CSP_Whitelist headers in an apache2.4 environment. Apparantly there are too many of them, and I can’t say which ones are more important than others.
Is there a way to determine which headers are used, which are important, and which can be ignored or are already handled in another way.

Also, is there a difference in handling these headers when code ‘lives’ in app/code/ or in vendor map.