jon-b
4/12/2017 - 10:24 PM

content-security-policy conditional on $_SERVER

content-security-policy conditional on $_SERVER

<?php
//* Add Content Security Policy for HTTPS
add_action( 'wp_head', 's9_csp_meta_tag' );
function s9_csp_meta_tag() {
	if(isset($_SERVER['HTTPS'])) {
		if ($_SERVER['HTTPS'] == "on") {
    			echo '<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">';
		}
	}
}