Colibrio Reader Framework API - Cloud license
    Preparing search index...

    Interface IEpubRemoteResourceWhitelistDirective

    interface IEpubRemoteResourceWhitelistDirective {
        directive: CspDirective;
        sources: string[];
    }

    Properties

    directive: CspDirective

    A Content-Security-Policy directive compatible with CSP Level 1 and CSP Level 2.

    Please see the following documentation: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy#Directives https://content-security-policy.com/

    The following directives can be modified when whitelisting sources for remoteResourcesScriptedDocumentsOptions: 'child-src', 'frame-src', 'connect-src', 'default-src', 'font-src', 'img-src', 'media-src', 'object-src', 'script-src', 'style-src'

    The following directives can be modified when whitelisting sources for remoteResourcesNonScriptedDocumentsOptions: 'style-src', 'frame-src', 'style-src', 'media-src', 'font-src', 'img-src'

    sources: string[]

    The list of sources that may be loaded for the specified policy.

    Please note that you may need to specify directives in your app's Content-Security-Policy as a element or as a HTTP header as well since those restrictions are inherited by child iframes used for rendering content-documents.

    Examples:

    • domain.example.com Allows loading resources from the specified domain name.
    • *.example.com Allows loading resources from any subdomain under example.com.
    • https://cdn.com Allows loading resources only over HTTPS matching the given domain.
    • https: Allows loading resources only over HTTPS on any domain.
    • https://*.example.com Allows loading resources only over HTTPS from any subdomain under example.com.
      •                  Allow any url.

    For more examples see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy#Directives https://content-security-policy.com/

    Properties