80Quattro
commented
4 months ago Something like that works for us:
# Inherits default site-unspecific frontend policy mutations (enabled per default)
inheritDefault: true
mutations:
- mode: set
directive: 'script-src'
sources:
- "'self'"
- "'unsafe-inline'"
- mode: set
directive: 'default-src'
sources:
- "'self'"
- "'unsafe-inline'"
- mode: set
directive: 'worker-src'
sources:
- 'blob:'
- mode: extend
directive: 'connect-src'
sources:
- 'https://*.friendlycaptcha.eu'
In TYPO3 v12, if Content Security Policy is enabled, the FriendlyCaptcha Template scripts / styles are not correctly loaded.
Appropriate directives need to be added in csp.yaml file.