Please provide better examples for csp

[dsingleton47]

Please provide better examples for CSP in the documentation, if I provide anything other than:
'self' => true I the result is an empty img-src value, this is true if I provide an array as well. for example using the example from paragonie/csp-builder with:

'self' => true,
'data' => true

my resulting policy only has self, data doesn't work at all. If I try to provide a domain, the same is true.

[JohanMa4]

Hi @bepsvpt, how are you man?, i have troubles by adding the data attribute on:
'font-src' => ['data' => true]
img-src' => ['data' => true]

The 'data' attribute not works!

Can you help me?

Thanks!

[JohanMa4]

Found the problem to allow 'data', if some one needs to allow 'data' on each attributes (font-src, img-src, style-src, etc), you can do something like this:

font-src => [ 'allow' => 'data:' ]
img-src => [ 'allow' => 'data:' ]

I hope this will be helpfull

[bepsvpt]

Hi @dsingleton47 and @JohanMa4,

I have updated the document. If you have any suggestion, I will deeply appreciate your feedback.

[agenciatamandua]

Please improve Documents, the CSP part is very bad at understanding.
Could you give better examples of how to use CSP?

[bepsvpt]

Hi @agenciatamandua,

If you can provide your requirements, I can include it in examples.