tao-test/app/tao/config/header/actionProtection.conf.php

22 lines
617 B
PHP
Raw Permalink Normal View History

2022-08-29 20:14:13 +02:00
<?php
/**
* Configuration of the action protection service.
* This service can be used to add protection to certain actions, for example by setting CSP headers
*
* Usage:
* 'frameSourceWhitelist' => [
* "'self'",
* 'example-domain.com',
* '*.wildcard-domain.com'
* ]
*
* This example will allow "self", "example-domain.com" and "*.wildcard-domain.com" to include tao in an iFrame.
*
* Notes:
* - Keywords such as 'self' and 'none' must include single quotes
* - If no whitelisted domains are supplied, 'none' will be set automatically
*
* @see \oat\oatbox\action\ActionProtector
*/