-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy path.env.example
More file actions
34 lines (28 loc) · 945 Bytes
/
.env.example
File metadata and controls
34 lines (28 loc) · 945 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
# Required (if not provided as command-line argument)
CSP_URL=https://example.com
# Boolean Options (set to 'true' to enable)
CSP_ALLOW_HTTP=false
CSP_ALLOW_PRIVATE_ORIGINS=false
CSP_ALLOW_UNSAFE_INLINE_SCRIPT=false
CSP_ALLOW_UNSAFE_INLINE_STYLE=false
CSP_ALLOW_UNSAFE_EVAL=false
CSP_REQUIRE_TRUSTED_TYPES=false
# Security Options
CSP_USE_STRICT_DYNAMIC=false
CSP_USE_NONCE=false
CSP_USE_HASHES=false
CSP_UPGRADE_INSECURE_REQUESTS=true
CSP_BLOCK_MIXED_CONTENT=true
CSP_RESTRICT_FRAMING=true
CSP_USE_SANDBOX=false
# Numeric Options
CSP_MAX_BODY_SIZE=0
CSP_TIMEOUT_MS=8000
# Complex Options
# Format: directive1:value1,value2;directive2:value3,value4
CSP_PRESETS="connect-src:https://api.example.com,wss://ws.example.com;font-src:https://fonts.example.com"
# JSON string for fetch options
CSP_FETCH_OPTIONS='{"headers":{"User-Agent":"Custom Agent"}}'
# Output Options
# Available formats: header, raw, json, csp-only
CSP_OUTPUT_FORMAT=header