Download the PHP package cloudgrayau/csp without Composer
On this page you can find all versions of the php package cloudgrayau/csp. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download cloudgrayau/csp
More information about cloudgrayau/csp
Files in cloudgrayau/csp
Package csp
Short Description Content Security Policy manager for Craft CMS
License MIT
Informations about the package csp
CSP for Craft CMS 4/5
Content Security Policy manager for Craft CMS.
Requirements
This plugin requires Craft CMS 4.0.0 or later.
Installation
composer require cloudgrayau/csp
CSP Overview
CSP is a Content Security Policy and HTTP Header Response manager for Craft CMS.
SEOmatic Compatibility
This plugin is 100% compatible with any nonces generated by the Automatic Render Enabled
setting inside SEOmatic Plugin Settings (General)
. To ensure compatibility, please set the Nonces for <script> tags
to Response Headers
inside the SEOmatic Plugin Settings (Tags)
.
Please note; any script-src
CSP tags set within SEOmatic will also be applied.
The Content-Security-Policy
HTTP Response Header applied by SEOMatic is automatically overridden and/or removed.
Blitz Compatibility
To ensure the Content Security Policy remains compatible with Blitz Caching enabled, please ensure the CSP Mode
is set to Meta Tags
inside the CSP Settings (Settings)
.
Setup
The plugin can be configured via the Craft CMS Settings
or by using the supplied config/csp.php
file.
Additional nonces can be configured in your templates as follows:
Overriding Config
The CSP configuration can be updated in realtime via your templates with twig. This can be useful, for example to disable the CSP on XHR requests.
Brought to you by Cloud Gray Pty Ltd