PHP Classes

File: examples/example2.php

Recommend this page to a friend!
  Classes of Tom Postma   PHP Content Security Policy generator   examples/example2.php   Download  
File: examples/example2.php
Role: Example script
Content type: text/plain
Description: Example: how to allow to load images of different origin.
Class: PHP Content Security Policy generator
Generate CSP headers to prevent security attacks
Author: By
Last change: Update examples, in examples 2 and 6 the resources are only loaded over https.

Signed-off-by: Tom <D9ping@users.noreply.github.com>
Date: 5 years ago
Size: 919 bytes
 

Contents

Class file image Download
<?php
require_once('../CSPGenerator.php');
// Allow images from files.phpclasses.org on any protocol(https,http,ftp but not from base64 data uri).
CSPGenerator::getInstance()->addImagesrc('files.phpclasses.org');

// Set the headers, always call this method before any content output.
CSPGenerator::getInstance()->Parse();
// Start content output.
?><!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8">
        <title>example2 - allow image to load</title>
    </head>
    <body>
        <!-- The elePHPant from PHPClasses.org should be allowed to load -->
        <p><img src="https://files.phpclasses.org/graphics/phpclasses/elephpant.png" alt="BAD, this image should not be blocked" /></p>
        <!-- The following image should be blocked/not showed
        because it's not a whitelisted source in the CSP header. -->
        <p><img src="https://upload.wikimedia.org/wikipedia/commons/3/32/Notgood.png" alt="OK, image blocked" /></p>
    </body>
</html>