Don't warn about CSP if CSP module installed [#3476066]

On the Status page there's this warning:

Content Security Policy
Not configured
It is highly recommended to set a secure Content Security Policy. See the help page for more information.

However, our CSP is set, but using a different module, namely:
https://www.drupal.org/project/csp

Can the warning be removed if this module detects that https://www.drupal.org/project/csp is installed and enabled?

Show commands

Start within a Git clone of the project using the version control instructions.

Add & fetch this issue fork’s repository

Or, if you do not have SSH keys set up on git.drupalcode.org:

Add & fetch this issue fork’s repository

3476066-dont-warn-about changes, plain diff MR !6
Check out this branch for the first time

Check out existing branch, if you already have it locally

Comments

22 September 2024 at 21:34

13 March 2026 at 15:56

malcomio made their first commit to this issue’s fork.

malcomio commented 13 March 2026 at 15:57

Similarly many sites use Security Kit to provide a CSP.

13 March 2026 at 16:12

malcomio commented 13 March 2026 at 16:13

Status:

Active

» Needs review