Manual:$wgCSPReportOnlyHeader/zh
Appearance
安全: $wgCSPReportOnlyHeader | |
---|---|
控制Content-Security-Policy-Report-Only的头部[实验性] |
|
引进版本: | 1.32.0 (Gerrit change 253969; git #70941efd) |
移除版本: | 仍在使用 |
允许的值: | (布尔值或字符串) |
默认值: | false |
其他设置: 按首字母排序 | 按功能排序 |
细节
这个配置应和$wgCSPHeader 相同 关于此配置,请查看文档 唯一的不同是这个配置不拦截任何请求 It only shows errors in the web browser javascript console, as well as the csp-report-only MediaWiki debug log (As opposed to the 'csp' debug log for the main header). You can set this to an entirely different value than $wgCSPHeader , if you want to test a potentially change before implementing it.