Jeremy Davis
Jeremy Davis
Sitecore, C# and web development
Page printed from: https://blog.jermdavis.dev/posts/2020-09

Posts from September 2020

Watch your Blobs when upgrading to v9.3

I've been spending a bit of time helping out a client who's working through an upgrade project recently, and the work to move from v9.1 to v9.3 raised an interesting issue I wasn't aware of. So in the spirit of making life easier for others, here's what happened:

Sitecore snuck in Content Security Policy!

Ages ago I wrote up a bit about how your public sites should consider implementing Content Security Policy because of all the hacks it can prevent. In a bit of frustrating irony, I was tripped up by a problem caused precisely because Sitecore have added some CSP headers to their own code. Google came up empty on this, so I'm documenting it for the next person who gets bitten.