Solved roundcube, can't send mail, policy issue

[anay]

I just found that send button is not working on Roundcube webmail.
I have "Content Security Policy" error in browser which won't let roundube to work. What is correct way to resolve this issue in DirectAdmin?

Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https:". Either the 'unsafe-inline' keyword, a hash ('sha256-6vx9ay6pUlbcA/CQozvcXNzeq+Y7wTsi9oq50R6wFwk='), or a nonce ('nonce-...') is required to enable inline execution.

 

[Richard G]

Do you have some external protection? I read something about an inline script blocking stuff, and on the third line it seems to refer to ethreatguard. So it seems caused by some external protection rather than Directadmin.

 

[anay]

Nothing external, it just name of the virtualhost, user is accessing via domainName.com/webmail and that is the doman name.

 

[Richard G]

Is that only with 1 user? If yes, can you check the users .htaccess file if certain security policy's are present in there?

 

[anay]

That helped, I recalled this particular domain had custom security headers. Till now, I was assuming that "security headers" for webmail are set by roundcube pacakge itself but, they are set on the basis of domain.