PHP download

Download the PHP package baldwin/magento2-module-csp-shim without Composer

On this page you can find all versions of the php package baldwin/magento2-module-csp-shim. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

Table of contents
Download baldwin/magento2-module-csp-shim
More information about baldwin/magento2-module-csp-shim
Files in baldwin/magento2-module-csp-shim

Vendor baldwin
Package magento2-module-csp-shim
Short Description Magento 2 module which replaces the default Magento CSP module and effectively disables its functionality
License MIT

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:

If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.

Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
To use Composer is sometimes complicated. Especially for beginners.
Composer needs much resources. Sometimes they are not available on a simple webspace.
If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Please rate this library. Is it a good library?

Informations about the package magento2-module-csp-shim

CSP shim module for Magento 2

Purpose

This module exists for people who don't want to deal with the CSP (Content-Security-Policy) module which ships with Magento.

Up until Magento 2.4.7, it was simple, you could just remove the module via composer's replace syntax. But in Magento 2.4.7, this module is more tightly integrated with certain modules (like the AdminAnalytics, Checkout and Paypal modules), which - when you try to remove the CSP module using composer's replace syntax - would cause bin/magento setup:di:compile to fail.

This module provides a solution for this case, by pretending to be the Magento CSP module for certain classes that some other modules require. The classes introduced by this module use the Magento namespace because there doesn't seem to be another way of doing this but the classes are actually empty and only contain empty functions just so nothing crashes when other modules call them.

This module comes bundled with the composer replace line to remove the Magento CSP module, so you don't need to do this yourself anymore.

Update 12 June 2024: Magento devs decided to backport the CSP changes to the following Magento security releases, so we now also support these versions in the shim:

2.4.4-p9
2.4.5-p8
2.4.6-p6

Alternatives

This module might not be the best solution out there (3rd party modules might try to use classes which we don't provide in this module), so here are some alterntives we can also recommend that don't remove the CSP module but disable its output. Pick whatever one you like best:

https://github.com/yireo/Yireo_DisableCsp - it uses preferences to disable the CSP output
https://github.com/weiweiouyang/magento2-module-disable-csp - it disables some event observers
https://github.com/outeredge/magento-disable-csp - it uses plugins to disable the CSP output
...

Watch out

Do not install this module when you care about PCI DSS compliance!
The module is currently declared compatible with specific versions of Magento only, it's hard to predict what will happen in the future, so we'll try to open up compatibility with more future Magento versions when they get released.

Compatibility

This module should work with Magento 2.4.4-p9, 2.4.5-p8, 2.4.6-p6, 2.4.7 and 2.4.7-p1
The module should be compatible with PHP 7.4, 8.1, 8.2 and 8.3

Installation

You can use composer to install this module:

After which you can then activate it in Magento using:

All versions of magento2-module-csp-shim with dependencies

PHP Build Version

Package Version

Version v1.0.4 Release 08. Oct 2024
create-project require 0 people choosed require and
0 people choosed create-project.

Download

Download latest version of magento2-module-csp-shim from vendor baldwin

Requires php Version ~7.4.0 || ~8.1.0 || ~8.2.0 || ~8.3.0
magento/framework Version 103.0.4-p9 || 103.0.4-p11 || 103.0.5-p8 || 103.0.5-p10 || 103.0.6-p6 || 103.0.6-p8 || 103.0.7 || 103.0.7-p1 || 103.0.7-p3

Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package baldwin/magento2-module-csp-shim contains the following files

Loading the files please wait ....