feat: Enable Content Security Policy (CSP)

- Enable $CSPEnabled = true in app/Config/App.php - CSP directives already configured in ContentSecurityPolicy.php - Includes support for CSP 3 keywords and directives Closes #4488
2026-05-25 00:44:03 -04:00 · 2026-04-15 12:05:29 +00:00
parent 905b58ca6e
commit 5d782fa70e
1 changed files with 1 additions and 1 deletions
--- a/app/Config/App.php
+++ b/app/Config/App.php
@@ -278,7 +278,7 @@ class App extends BaseConfig
     * @see http://www.html5rocks.com/en/tutorials/security/content-security-policy/
     * @see http://www.w3.org/TR/CSP/
     */
-    public bool $CSPEnabled = false;
+    public bool $CSPEnabled = true;

    public function __construct()
    {