Description
Link to the documentation page or resource
Describe the bug
In the table of possible options for the security middleware, it is mentioned that the Type of contentSecurityPolicy is Boolean, which is not correct according to the source code in node_modules/@strapi/strapi/lib/middlewares/security.js.
This is the default configuration used by Strapi:
```js
// Defaults from @strapi/strapi/lib/middlewares/security.js (helmet options)
const defaults = {
  crossOriginEmbedderPolicy: false,
  crossOriginOpenerPolicy: false,
  crossOriginResourcePolicy: false,
  originAgentCluster: false,
  // contentSecurityPolicy is an object, not a boolean: helmet's defaults are
  // kept (useDefaults: true) and the listed directives are merged on top.
  contentSecurityPolicy: {
    useDefaults: true,
    directives: {
      'connect-src': ["'self'", 'https:'],
      'img-src': ["'self'", 'data:', 'blob:', 'https://dl.airtable.com'],
      'media-src': ["'self'", 'data:', 'blob:'],
      // null removes helmet's default upgrade-insecure-requests directive
      upgradeInsecureRequests: null,
    },
  },
  xssFilter: false,
  hsts: {
    maxAge: 31536000, // one year, in seconds
    includeSubDomains: true,
  },
  frameguard: {
    action: 'sameorigin',
  },
};
```
And you can see that contentSecurityPolicy is of type Object and not Boolean.
Additional context
No response
Suggested improvements or fixes
contentSecurityPolicy is of Type Object and not Boolean

Related issue(s)/PR(s)
No response
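The object shape discussed above, as an added example that is not part of the issue or of Strapi's own code: it builds a `strapi::security` entry of the kind that goes in `config/middlewares.js`, extending `img-src` and `media-src` with an extra media host, and renders the resulting directives the way a Content-Security-Policy header would be sent. The middleware name `strapi::security`, the example host `https://my-bucket.s3.amazonaws.com`, and the functions `securityMiddleware`, `renderCsp` and `cspShape` are assumptions for this example; the renderer reimplements two helmet directive rules (camelCase keys become kebab-case, a `null` value drops the directive) rather than calling helmet.

```javascript
// Added example, not Strapi's own code. Assumes the middleware name
// 'strapi::security' and the config shape shown in the issue.

// The directives Strapi's defaults add on top of helmet's own (copied from the issue).
const DEFAULT_DIRECTIVES = {
  'connect-src': ["'self'", 'https:'],
  'img-src': ["'self'", 'data:', 'blob:', 'https://dl.airtable.com'],
  'media-src': ["'self'", 'data:', 'blob:'],
  upgradeInsecureRequests: null, // null drops helmet's default directive
};

// helmet accepts camelCase directive names; the header uses kebab-case.
function kebab(name) {
  return name.replace(/[A-Z]/g, (c) => '-' + c.toLowerCase());
}

// Render a directives object as a CSP header value (stand-alone
// reimplementation of helmet's rules, written for this example):
// null entries are omitted, an empty array yields a bare directive name.
function renderCsp(directives) {
  return Object.entries(directives)
    .filter(([, value]) => value !== null)
    .map(([name, value]) => [kebab(name), ...(Array.isArray(value) ? value : [])].join(' '))
    .join('; ');
}

// Build the strapi::security middleware entry. CSP stays an object; only the
// media-related directives are extended, everything else keeps the defaults.
function securityMiddleware(extraMediaHosts = []) {
  return {
    name: 'strapi::security',
    config: {
      contentSecurityPolicy: {
        useDefaults: true,
        directives: {
          ...DEFAULT_DIRECTIVES,
          'img-src': [...DEFAULT_DIRECTIVES['img-src'], ...extraMediaHosts],
          'media-src': [...DEFAULT_DIRECTIVES['media-src'], ...extraMediaHosts],
        },
      },
    },
  };
}

// Classify the two shapes the issue establishes: `false` disables CSP,
// an object with `directives` configures it. Anything else (including the
// boolean `true` the docs table suggested) is reported as 'other'.
function cspShape(config) {
  const csp = config.contentSecurityPolicy;
  if (csp === false) return 'disabled';
  if (csp && typeof csp === 'object' && csp.directives && typeof csp.directives === 'object') {
    return 'object';
  }
  return 'other';
}

// Usage: an S3 bucket used by the upload provider (constructed example host).
const entry = securityMiddleware(['https://my-bucket.s3.amazonaws.com']);
console.log(cspShape(entry.config));
console.log(renderCsp(entry.config.contentSecurityPolicy.directives));
```

Note that `cspShape` only tells the two documented shapes apart; a boolean `true` is reported as `other` because nothing on this page says what Strapi does with it. The rendered header is what you would compare against the response of a running instance after changing the config.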