Does Cloudflare changes CSP header?
As per the docs: Cloudflare does not modify CSP headers from the origin web server (except when using Zaraz)
See: https://developers.cloudflare.com/fundamentals/reference/policies-compliances/content-security-policies/#:~:text=Cloudflare%20does%20not,when%20using%20Zaraz
See: https://developers.cloudflare.com/fundamentals/reference/policies-compliances/content-security-policies/#:~:text=Cloudflare%20does%20not,when%20using%20Zaraz
Cloudflare Docs
A Content Security Policy (CSP) is an added layer of security that helps detect and mitigate certain types of attacks, including:
