[FEATURE] #104549 - Disable Content Security Policy for a site

Related: TYPO3-Documentation/Changelog-To-Doc#1001 Releases: main, 12.4
brotkrueml · Sep 30, 2024 · 6081b09 · 6081b09
1 parent 6db5048
commit 6081b09
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 0 deletions.
diff --git a/Documentation/ApiOverview/ContentSecurityPolicy/Index.rst b/Documentation/ApiOverview/ContentSecurityPolicy/Index.rst
@@ -121,6 +121,20 @@ used to declare policies for a specific site, for example:
     :language: yaml
     :caption: config/sites/<my_site>/csp.yaml | typo3conf/sites/<my_site>/csp.yaml
 
+
+Disable CSP for a site
+~~~~~~~~~~~~~~~~~~~~~~
+
+..  versionadded:: 12.4.20
+
+The Content Security Policy for a particular site can be disabled with the
+:yaml:`active` key set to :yaml:`false`:
+
+..  literalinclude:: _csp_active.yaml
+    :language: yaml
+    :caption: config/sites/<my_site>/csp.yaml | typo3conf/sites/<my_site>/csp.yaml
+
+
 ..  _content-security-policy-modes:
 
 Modes

diff --git a/Documentation/ApiOverview/ContentSecurityPolicy/_csp_active.yaml b/Documentation/ApiOverview/ContentSecurityPolicy/_csp_active.yaml
@@ -0,0 +1,2 @@
+# "active" is enabled by default if omitted
+active: false