Manual:Hooks/ContentSecurityPolicyDefaultSource

ContentSecurityPolicyDefaultSource
Available from version 1.32.0 Modify the allowed CSP load sources. This affects all directives except for the script directive.
Define function:	public static function onContentSecurityPolicyDefaultSource( array &$defaultSrc, array $policyConfig, int $mode ) { ... }
Attach hook:	In extension.json: { "Hooks": { "ContentSecurityPolicyDefaultSource": "MyExtensionHooks::onContentSecurityPolicyDefaultSource" } }
Called from:	File(s): ContentSecurityPolicy.php
Interface:	ContentSecurityPolicyDefaultSourceHook.php

For more information about attaching hooks, see Manual:Hooks .
For examples of extensions using this hook, see Category:ContentSecurityPolicyDefaultSource extensions.

If you want to add a script source, see the ContentSecurityPolicyScriptSource hook.

Details

&$defaultSrc: Array of Content-Security-Policy allowed sources
$policyConfig: Current configuration for the Content-Security-Policy header
$mode: ContentSecurityPolicy::REPORT_ONLY_MODE or ContentSecurityPolicy::FULL_MODE depending on type of header

This article is issued from Mediawiki. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.