Leiste mit Community-Erfolgen erweitern.

Submissions are now open for the 2026 Adobe Experience Maker Awards.
Apply Now

Mark Solution

Diese Konversation wurde aufgrund von Inaktivität geschlossen. Bitte erstellen Sie einen neuen Post.

GELÖST

CSP headers not coming when status is 304(Not Modified)

Avatar

Level 4
Level 4
12.10.23 2:58:41 AM

Hello All,

 

We have implemented (Content Security Policy)CSP headers in our project in custom .vhost file I can see CSP headers when page status is 200. But if we refresh the same page it shows page status as 304 Not modified. In this case CSP headers are not loading and page is served from cache. But our client is having concern will it be a security threat if we reload page and CSP headers wont be there. Can anyone please provide some info on this?

Zugriffe

1.0K

Antworten

2
Melden Sie sich an, um diesen Inhalt zu liken

Likes gesamt

Übersetzen
Übersetzen
1 Akzeptierte Lösung

Avatar

Korrekte Antwort von
Community Advisor
Community Advisor
12.10.23 4:42:15 AM

When a page is served from the browser cache with a "304 Not Modified" response, the CSP headers may not be explicitly shown in the response because the browser relies on the original CSP headers included in the cached page. You should ensure that CSP policies are correctly set in the initial response to maintain security when pages are served from the cache.

Arun Patidar

AEM LinksLinkedIn

Lösung in ursprünglichem Beitrag anzeigen

Zugriffe

1.0K

Antworten

0
Melden Sie sich an, um diesen Inhalt zu liken

Likes gesamt

Übersetzen
Übersetzen
Zu Antwort springen
2 Antworten

Avatar

Korrekte Antwort von
Community Advisor
Community Advisor
12.10.23 4:42:15 AM

When a page is served from the browser cache with a "304 Not Modified" response, the CSP headers may not be explicitly shown in the response because the browser relies on the original CSP headers included in the cached page. You should ensure that CSP policies are correctly set in the initial response to maintain security when pages are served from the cache.

Arun Patidar

AEM LinksLinkedIn

Zugriffe

1.0K

Antworten

0
Melden Sie sich an, um diesen Inhalt zu liken

Likes gesamt

Übersetzen
Übersetzen
Zu Antwort springen

Avatar

Administrator
Administrator
13.10.23 3:32:40 AM

@supriya-hande  Did you find the suggestions from Arun helpful? Please let us know if more information is required. Otherwise, please mark the answer as correct for posterity. If you have found out solution yourself, please share it with the community.



Kautuk Sahni

Zugriffe

974

Antworten

0
Melden Sie sich an, um diesen Inhalt zu liken

Likes gesamt

Übersetzen
Übersetzen
Verwandte Konversationen
AEM design importer Upload Zip Option not working after Service pack 6.5.23 Solved

Zugriffe

119

Likes

0

Antworten

6
Meta Translation Functions Not Active For Custom Translator Connector

Zugriffe

41

Likes

0

Antworten

1
Barcode PDF417 not reading in Adobe Reader

Zugriffe

78

Likes

0

Antworten

1
What is AEM EDS Solution for External SAP Commerce Integration

Zugriffe

226

Likes

0

Antworten

4
Adobe CDN is blocking requests from internal Adobe service IPs (IO Runtime) || Allow Adobe I/O Runtime to AEM Author Traffic for Runtime Namespace

Zugriffe

214

Likes

0

Antworten

3