File: examples/example2.php

Recommend this page to a friend!

examples/example2.php

File:	`examples/example2.php`
Role:	Example script
Content type:	`text/plain`
Description:	Example: how to allow to load images of different origin.
Class:	PHP Content Security Policy generator Generate CSP headers to prevent security attacks
Author:	By Tom Postma
Last change:	Update examples, in examples 2 and 6 the resources are only loaded over https. Signed-off-by: Tom <D9ping@users.noreply.github.com>
Date:	6 years ago
Size:	`919 bytes`

Download


<?php

require_once('../CSPGenerator.php');

// Allow images from files.phpclasses.org on any protocol(https,http,ftp but not from base64 data uri).

CSPGenerator::getInstance()->addImagesrc('files.phpclasses.org');



// Set the headers, always call this method before any content output.

CSPGenerator::getInstance()->Parse();

// Start content output.

?><!DOCTYPE html>

<html>

    <head>

        <meta charset="UTF-8">

        <title>example2 - allow image to load</title>

    </head>

    <body>

        <!-- The elePHPant from PHPClasses.org should be allowed to load -->

        <p><img src="https://files.phpclasses.org/graphics/phpclasses/elephpant.png" alt="BAD, this image should not be blocked" /></p>

        <!-- The following image should be blocked/not showed

        because it's not a whitelisted source in the CSP header. -->

        <p><img src="https://upload.wikimedia.org/wikipedia/commons/3/32/Notgood.png" alt="OK, image blocked" /></p>

    </body>

</html>

About us

Advertise on this site

For more information send a message to info at phpclasses dot org.

File: examples/example2.php

Contents