Why does my apache refuse the "Content-Security-Policy" headers?

http-headers apache-2.2 ubuntu apache-2.4

If the value of the header contains spaces, you must surround it in double quotes. Your examples already do this, but your intended new headers do not.

For example, you tried:

Header always set Content-Security-Policy: frame-src 'self' *.google.de google.de *.google.com google.com;

It should be:

Header always set Content-Security-Policy: "frame-src 'self' *.google.de google.de *.google.com google.com;"

Related

Using FilesMatch to increase security
Some advise needed on how to setup reverse PTR on web and mail server
Apache segfault glibc segfault
Where I config CNAME in VPS Server without Cpanel
How do I change physical path of virtual directory in IIS6 through command line?
wget works with company proxy but apt-get and dpkg doesn't
How does the DFS 'cache duration' setting work?
SQL Sever 2008 R2 Installation error: Unsupported 16-bit Application
Users in ubuntu; Cant figure it out
How to delete the current line and add a new line in Notepad++?
Is it possible to add border to image in GitHub markdown?
How to programmatically trigger the click on a link using jQuery?