43 lines
1.2 KiB
PHP
43 lines
1.2 KiB
PHP
<?php
|
|
namespace App\Support;
|
|
|
|
use Spatie\Csp\Directive;
|
|
use Spatie\Csp\Policies\Basic;
|
|
|
|
class MyCustomPolicy extends Basic
|
|
{
|
|
public function configure()
|
|
{
|
|
parent::configure();
|
|
$this->addDirective(Directive::FRAME, [
|
|
//\Spatie\Csp\Keyword::UNSAFE_INLINE,
|
|
\Spatie\Csp\Keyword::SELF,
|
|
//\Spatie\Csp\Keyword::UNSAFE_HASHES,
|
|
'www.google.com'
|
|
]);
|
|
$this->addDirective(Directive::STYLE, [
|
|
//\Spatie\Csp\Keyword::UNSAFE_INLINE,
|
|
\Spatie\Csp\Keyword::SELF,
|
|
//\Spatie\Csp\Keyword::UNSAFE_HASHES,
|
|
'fonts.googleapis.com'
|
|
]);
|
|
$this->addDirective(Directive::SCRIPT, [
|
|
// \Spatie\Csp\Keyword::UNSAFE_INLINE,
|
|
\Spatie\Csp\Keyword::SELF,
|
|
//\Spatie\Csp\Keyword::UNSAFE_HASHES,
|
|
'fonts.googleapis.com'
|
|
]);
|
|
$this->addDirective(Directive::FONT, [
|
|
\Spatie\Csp\Keyword::STRICT_DYNAMIC,
|
|
\Spatie\Csp\Keyword::SELF,
|
|
'fonts.gstatic.com'
|
|
]);
|
|
$this->addDirective(Directive::IMG, [
|
|
\Spatie\Csp\Keyword::STRICT_DYNAMIC,
|
|
\Spatie\Csp\Keyword::SELF,
|
|
'data:'
|
|
]);
|
|
$this->addNonceForDirective(Directive::SCRIPT)
|
|
->addNonceForDirective(Directive::STYLE);
|
|
}
|
|
} |