Manual:$wgCSPFalsePositiveUrls
Appearance
Security: $wgCSPFalsePositiveUrls | |
---|---|
Controls what URLs to ignore in upcoming Content-Security-Policy feature's reporting. |
|
Introduced in version: | 1.28.0 (Gerrit change 306765; git #d84479c4) |
Removed in version: | Still in use |
Allowed values: | (array) |
Default value: | See below |
Other settings: Alphabetical | By function |
List of urls which appear often to be triggering CSP reports but do not appear to be caused by actual content, but by client software inserting scripts (i.e. Ad-Ware). List based on results from Wikimedia logs.
A value of true
for a certain URL activates it as a false-positive.
The default value is based on URLs of spam that comes into the Wikimedia log files, based on testing on elwiki.
Default value
[edit]MediaWiki version: | ≥ 1.33 |
$wgCSPFalsePositiveUrls = [
'https://3hub.co' => true,
'https://morepro.info' => true,
'https://p.ato.mx' => true,
'https://s.ato.mx' => true,
'https://adserver.adtech.de' => true,
'https://ums.adtechus.com' => true,
'https://cas.criteo.com' => true,
'https://cat.nl.eu.criteo.com' => true,
'https://atpixel.alephd.com' => true,
'https://rtb.metrigo.com' => true,
'https://d5p.de17a.com' => true,
'https://ad.lkqd.net/vpaid/vpaid.js' => true, // 1.29+
'https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0' => true, // 1.33+
'https://t.lkqd.net/t' => true, // 1.33+
'chrome-extension' => true, // 1.33+
];
MediaWiki versions: | 1.29 – 1.32 |
$wgCSPFalsePositiveUrls = [
'https://3hub.co' => true,
'https://morepro.info' => true,
'https://p.ato.mx' => true,
'https://s.ato.mx' => true,
'https://adserver.adtech.de' => true,
'https://ums.adtechus.com' => true,
'https://cas.criteo.com' => true,
'https://cat.nl.eu.criteo.com' => true,
'https://atpixel.alephd.com' => true,
'https://rtb.metrigo.com' => true,
'https://d5p.de17a.com' => true,
'https://ad.lkqd.net/vpaid/vpaid.js' => true, // 1.29+
];
MediaWiki version: | 1.28 |
$wgCSPFalsePositiveUrls = [
'https://3hub.co' => true,
'https://morepro.info' => true,
'https://p.ato.mx' => true,
'https://s.ato.mx' => true,
'https://adserver.adtech.de' => true,
'https://ums.adtechus.com' => true,
'https://cas.criteo.com' => true,
'https://cat.nl.eu.criteo.com' => true,
'https://atpixel.alephd.com' => true,
'https://rtb.metrigo.com' => true,
'https://d5p.de17a.com' => true,
];