Manual:$wgCSPReportOnlyHeader

From MediaWiki.org
Jump to navigation Jump to search
This page is a translated version of the page Manual:$wgCSPReportOnlyHeader and the translation is 40% complete.
Other languages:
English • ‎magyar • ‎日本語
コンテンツ セキュリティ ポリシー: $wgCSPReportOnlyHeader
Controls Content-Security-Policy-Report-Only header [Experimental]
導入されたバージョン:1.32.0 (Gerrit change 253969; git #70941efd)
除去されたバージョン:使用中
許容される値:(真偽値または配列)
既定値:false

Details

This config option is exactly the same as $wgCSPHeader . Please see the documentation for that config option. The only difference is that this config doesn't block any requests. It only shows errors in the web browser javascript console, as well as the csp-report-only MediaWiki debug log (As opposed to the 'csp' debug log for the main header). You can set this to an entirely different value than $wgCSPHeader , if you want to test a potentially change before implementing it.

See also