Skip to content

Instantly share code, notes, and snippets.

@jonleverrier

jonleverrier/module.php

Last active Apr 30, 2020
Embed
What would you like to do?
A way of setting the Content Security Policy header in Craft CMS
<?php
// https://jonleverrier.com/notes/weeknote-2
// - If the request is not from the control panel
// - If the request is not from the console
// - If a user is not logged in (for debug toolbar in the front-end)
if (
!Craft::$app->request->isCpRequest &&
!Craft::$app->request->isConsoleRequest &&
!Craft::$app->getUser()->getIdentity()
)
{
// Add CSP header
Craft::$app->response->headers->add("Content-Security-Policy", "<your_policy_goes_here>");
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.