Manual:Hooks/ContentSecurityPolicyScriptSource
| ContentSecurityPolicyScriptSource | |
|---|---|
| Available from version 1.32.0 Modify the allowed CSP script sources. | |
| Define function: | public static function onContentSecurityPolicyScriptSource( array &scriptSrc, array $policyConfig, int $mode ) { ... }
|
| Attach hook: | In extension.json:
{
"Hooks": {
"ContentSecurityPolicyScriptSource": "MediaWiki\\Extension\\MyExtension\\Hooks::onContentSecurityPolicyScriptSource"
}
}
|
| Called from: | File(s): ContentSecurityPolicy.php |
| Interface: | ContentSecurityPolicyScriptSourceHook.php |
For more information about attaching hooks, see Manual:Hooks.
For examples of extensions using this hook, see Category:ContentSecurityPolicyScriptSource extensions.
Note that you also have to use ContentSecurityPolicyDefaultSource if you want non-script sources to be loaded from whatever you add.
Details
edit&$scriptSrc: Array ofContent-Security-Policydirectives$policyConfig: Current configuration for theContent-Security-Policyheader$mode:ContentSecurityPolicy::REPORT_ONLY_MODEorContentSecurityPolicy::FULL_MODEdepending on type of header