elgg / content-security-policy
v1.0.0
2015-03-18 20:42 UTC
Requires
- myclabs/php-enum: ~1.3
Requires (Dev)
- phpunit/phpunit: ~4.5
This package is auto-updated.
Last update: 2023-06-02 10:10:28 UTC
README
Installation
composer require elgg/content-security-policy
Example usage
    use Elgg\ContentSecurityPolicy\Directive;
    use Elgg\ContentSecurityPolicy\Header;
    use Elgg\ContentSecurityPolicy\Policy;
    use Elgg\ContentSecurityPolicy\Source;

    $policy = new Policy();
    $policy = $policy->withSource(Directive::DEFAULT_SRC(), Source::SELF)
                     ->withSource(Directive::IMAGE_SRC(), Source::DATA);

    header(Header::STANDARD . ": $policy");
    // Sends "Content-Security-Policy: default-src 'self'; img-src data:"
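By default, a policy blocks everything it can. This is by design, to ensure that your site allows only what you intend to allow, rather than what someone else considers a reasonable default.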
    $policy = new Policy();
    echo $policy; // default-src 'none'; sandbox
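To see what the two policy strings above mean for individual resource types, the following added example (not part of this package or its README) parses a serialized policy and resolves which source list governs a fetch directive, falling back to default-src when the directive is absent. The function names parse_csp and effective_sources are hypothetical helpers written for this illustration, and the inputs are the two policy strings shown on this page.

```php
<?php
// Added example: stand-alone helpers, not the elgg/content-security-policy API.

/** Parse "name value value; name ..." into [name => [values]]. */
function parse_csp(string $policy): array
{
    $directives = [];
    foreach (explode(';', $policy) as $part) {
        $tokens = preg_split('/\s+/', trim($part), -1, PREG_SPLIT_NO_EMPTY);
        if (!$tokens) {
            continue; // empty segment, e.g. after a trailing ";"
        }
        $name = strtolower(array_shift($tokens));
        // A repeated directive is ignored by browsers; the first one wins.
        if (!array_key_exists($name, $directives)) {
            $directives[$name] = $tokens;
        }
    }
    return $directives;
}

/**
 * Source list applied to a fetch directive: its own list if present,
 * otherwise default-src. Null means the policy does not restrict it.
 */
function effective_sources(array $directives, string $fetchDirective): ?array
{
    return $directives[$fetchDirective] ?? $directives['default-src'] ?? null;
}

// Constructed inputs: the two policy strings shown on this page.
$policies = [
    "default-src 'none'; sandbox",
    "default-src 'self'; img-src data:",
];

foreach ($policies as $policy) {
    $parsed = parse_csp($policy);
    echo $policy, "\n";
    foreach (['script-src', 'img-src'] as $name) {
        $sources = effective_sources($parsed, $name);
        $shown = $sources === null ? '(unrestricted)' : implode(' ', $sources);
        echo "  $name => $shown\n";
    }
}
```

In the second policy, img-src replaces default-src for images rather than extending it, so same-origin images are blocked unless 'self' is also added to img-src.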
Features
Elgg\ContentSecurityPolicy\Policy
[x] Instances are immutable
[x] Supports configuring all standard src directives
[x] Can be stringified into standard CSP format
[x] The default policy value allows nothing