I am trying to add 2 headers to the .htaccess file but when the site is reloaded it gives a 500 internal server error
First header is:
Header set Content-Security-Policy: default-src https:
According to this website, this should allow any assets to load over https from any origin.
Second header is:
Permissions-Policy: geolocation=(self "https://example.com"), microphone=()
Obviously changing example.com to the proper domain, but the same website says this should work but also causes internal server error.
Best Answer
Syntax is wrong.
Is correct syntax.
In addition you should verify that
mod_headers
is enabled.