public function beforeFilter(Event $event) { // TODO add config override if (!Configure::read('debug')) { throw new NotFoundException(); } $this->response->header(['Content-Security-Policy' => '']); }