File: examples/example1.php

Recommend this page to a friend!

examples/example1.php

File:	`examples/example1.php`
Role:	Example script
Content type:	`text/plain`
Description:	Example: how to allow to use style="" attributes in html.
Class:	PHP Content Security Policy generator Generate CSP headers to prevent security attacks
Author:	By Tom Postma
Last change:
Date:	7 years ago
Size:	`766 bytes`

Download


<?php

require_once('../CSPGenerator.php');

// Allow use of style="..." inline CSS.

// Unsafe because a css injection can then control how the page looks.

CSPGenerator::getInstance()->addStylesrc("'unsafe-inline'");

// To avoid this it's recommended to use a stylesheets file instead and use classes and id's only in html.





// Set the headers, always call this method before any content output.

CSPGenerator::getInstance()->Parse();

// Start content output.

?><!DOCTYPE html>

<html>

    <head>

        <meta charset="UTF-8">

        <title>example1 - allow (unsafe)inline css</title>

    </head>

    <body>

        <!-- The following text is allowed to be centred because 'unsafe-inline' is added the CSP header. -->

        <p style="text-align: center">testing inline css use</p>

    </body>

</html>

About us

Advertise on this site

For more information send a message to info at phpclasses dot org.

File: examples/example1.php

Contents