diff --git a/web-lib-funcs.pl b/web-lib-funcs.pl
index 01a3cd712..1afde39f7 100755
--- a/web-lib-funcs.pl
+++ b/web-lib-funcs.pl
@@ -957,10 +957,19 @@ if ($gconfig{'extra_headers'}) {
 if (!$gconfig{'no_frame_options'}) {
 	print "X-Frame-Options: SAMEORIGIN\n";
 	}
-if (!$gconfig{'no_content_security_policy'}) {
-	print "Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self'; child-src 'self'\n";
+if (!$gconfig{'no_content_security_policy'} &&
+	 $gconfig{'extra_headers'} !~ /Content-Security-Policy:/) {
+	if ($tconfig{'csp_headers'}) {
+		print "Content-Security-Policy: $tconfig{'csp_headers'}\n";
+		} 
+	else {
+		print "Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self'; child-src 'self'\n";
+		}
 	}
 print "X-Content-Type-Options: nosniff\n";
+if ($tconfig{'nolinks'}) {
+	print "X-no-links: 1\n";
+	}
 if (defined($cs)) {
 	print "Content-type: $mt; Charset=$cs\n\n";
 	}
diff --git a/webmin/edit_advanced.cgi b/webmin/edit_advanced.cgi
index 08d96503a..7d24b2bb9 100755
--- a/webmin/edit_advanced.cgi
+++ b/webmin/edit_advanced.cgi
@@ -73,6 +73,11 @@ if (&has_command("chattr")) {
 		    &ui_yesno_radio("chattr", $gconfig{'chattr'}));
 	}
 
+# Network buffer size
+print &ui_table_row($text{'advanced_bufsize'},
+	&ui_opt_textbox("bufsize", $miniserv{'bufsize'}, 6,
+			$text{'default'}." (32768)"));
+
 # Nice level for cron jobs
 if (&foreign_check("proc")) {
 	&foreign_require("proc", "proc-lib.pl");
@@ -107,12 +112,6 @@ print &ui_table_row($text{'advanced_headers'},
 print &ui_table_row($text{'advanced_sortconfigs'},
 	&ui_yesno_radio("sortconfigs", $gconfig{'sortconfigs'}));
 
-# Network buffer size
-print &ui_table_row($text{'advanced_bufsize'},
-	&ui_opt_textbox("bufsize", $miniserv{'bufsize'}, 6,
-			$text{'default'}." (32768)"));
-
-
 print &ui_table_end();
 print &ui_form_end([ [ "save", $text{'save'} ] ]);