Manual:$wgCSPFalsePositiveUrls
| Security: $wgCSPFalsePositiveUrls | |
|---|---|
| Controls what URLs to ignore in upcoming Content-Security-Policy feature's reporting. |
|
| Introduced in version: | 1.28.0 (Gerrit change 306765; git #d84479c4) |
| Removed in version: | Still in use |
| Allowed values: | (array) |
| Default value: | See below |
| Other settings: Alphabetical | By function | |
List of urls which appear often to be triggering CSP reports but do not appear to be caused by actual content, but by client software inserting scripts (i.e. Ad-Ware). List based on results from Wikimedia logs.
A value of true for a certain URL activates it as a false-positive.
The default value is based on URLs of spam that comes into the Wikimedia log files, based on testing on elwiki.
Default value
edit| MediaWiki version: | ≥ 1.33 |
$wgCSPFalsePositiveUrls = [
'https://3hub.co' => true,
'https://morepro.info' => true,
'https://p.ato.mx' => true,
'https://s.ato.mx' => true,
'https://adserver.adtech.de' => true,
'https://ums.adtechus.com' => true,
'https://cas.criteo.com' => true,
'https://cat.nl.eu.criteo.com' => true,
'https://atpixel.alephd.com' => true,
'https://rtb.metrigo.com' => true,
'https://d5p.de17a.com' => true,
'https://ad.lkqd.net/vpaid/vpaid.js' => true, // 1.29+
'https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0' => true, // 1.33+
'https://t.lkqd.net/t' => true, // 1.33+
'chrome-extension' => true, // 1.33+
];
| MediaWiki versions: | 1.29 – 1.32 |
$wgCSPFalsePositiveUrls = [
'https://3hub.co' => true,
'https://morepro.info' => true,
'https://p.ato.mx' => true,
'https://s.ato.mx' => true,
'https://adserver.adtech.de' => true,
'https://ums.adtechus.com' => true,
'https://cas.criteo.com' => true,
'https://cat.nl.eu.criteo.com' => true,
'https://atpixel.alephd.com' => true,
'https://rtb.metrigo.com' => true,
'https://d5p.de17a.com' => true,
'https://ad.lkqd.net/vpaid/vpaid.js' => true, // 1.29+
];
| MediaWiki version: | 1.28 |
$wgCSPFalsePositiveUrls = [
'https://3hub.co' => true,
'https://morepro.info' => true,
'https://p.ato.mx' => true,
'https://s.ato.mx' => true,
'https://adserver.adtech.de' => true,
'https://ums.adtechus.com' => true,
'https://cas.criteo.com' => true,
'https://cat.nl.eu.criteo.com' => true,
'https://atpixel.alephd.com' => true,
'https://rtb.metrigo.com' => true,
'https://d5p.de17a.com' => true,
];