saulteafarmer/castopod
1
0
Fork 0
mirror of https://code.castopod.org/adaures/castopod synced 2025-06-06 18:31:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
castopod/app/Config/ContentSecurityPolicy.php
Yassine Doghri cbb83a6f30 feat: add npm for js dependencies + move src/ files to root folder 
- add node service in docker-compose.yml
- update .devcontainer Dockerfile by adding node, npm and vim
- init package.json for npm with tailwindcss, postcss, commitlint and commitizen as dev dependencies
- update default layout main header and footer
- replace CI's welcome_message.php with home.php listing all podcasts
- add AUTHORS.md file
- add docs folder in which to place castopod's technical documentation
2020-10-15 14:05:36 +00:00

49 lines
1.5 KiB
PHP
Raw Blame History

<?php namespace Config;
use CodeIgniter\Config\BaseConfig;
/**
* Class ContentSecurityPolicyConfig
*
* Stores the default settings for the ContentSecurityPolicy, if you
* choose to use it. The values here will be read in and set as defaults
* for the site. If needed, they can be overridden on a page-by-page basis.
*
* Suggested reference for explanations:
* https://www.html5rocks.com/en/tutorials/security/content-security-policy/
*
* @package Config
*/
class ContentSecurityPolicy extends BaseConfig
{
// broadbrush CSP management
public $reportOnly = false; // default CSP report context
public $reportURI = null; // URL to send violation reports to
public $upgradeInsecureRequests = false; // toggle for forcing https
// sources allowed; string or array of strings
// Note: once you set a policy to 'none', it cannot be further restricted
public $defaultSrc = null; // will default to self if not over-ridden
public $scriptSrc = 'self';
public $styleSrc = 'self';
public $imageSrc = 'self';
public $baseURI = null; // will default to self if not over-ridden
public $childSrc = 'self';
public $connectSrc = 'self';
public $fontSrc = null;
public $formAction = 'self';
public $frameAncestors = null;
public $mediaSrc = null;
public $objectSrc = 'self';
public $manifestSrc = null;
// mime types allowed; string or array of strings
public $pluginTypes = null;
// list of actions allowed; string or array of strings
public $sandbox = null;
}
Reference in New Issue View Git Blame Copy Permalink