---
"@logto/cloud": patch
"@logto/core": patch
---

### Enable strict CSP policy check header

This change removes the report only flag from CSP security header settings, which will enables the strict CSP policy check for all requests.