- Installing and upgrading
-
- Installation overview
- General installation requirements
- Upgrading
- Installing on Ubuntu Linux
- Installing on Windows Server
- Installing on macOS
- Installing on CentOS Linux
- Installing on SuSE
- Configuring php.ini
- Configuring Apache
- Configuring the database
- LibreOffice integration for Microsoft Office previews
- OpenCV (facial recognition)
- Alternative installation
- Upgrading PHP versions
- Setting up scheduled tasks/cron
- Backups
- Security
- User management
- Advanced user group options
- Customising ResourceSpace
- Plugins
- StaticSync
- Configuring ResourceSpace
-
- The config file
- Offline job queues
- File integrity checking
- ResourceSpace file storage (filestore)
- Checksums
- Edit access for contributors
- Configuring Leaflet Maps
- Create alternative video files
- Signing all database PHP code
- Integrating with Uppy Companion
- The System Configuration page
- Configuring image alternatives
- Minimal preview creation
- Integrations
CSP frame-ancestors
This is used to inform the browser which sites can embed a ResourceSpace page using <frame>, <iframe>, <object>, or <embed> tags.
To enable this, set the configuration option $csp_frame_ancestors as below. This must be defined as an array of valid parent URLs.
e.g.
$csp_frame_ancestors = ["'self'", "https://example.org", "https://example.com", "https://store.example.com"]; NOTES
- Single quotes are required for 'self' or 'none'
- By default an empty array is configured, however 'self' is always added for system functionality e.g. advanced search
- If no entries are added then frame-ancestors will be implemented based upon the legacy '$xframe_options' config if that is set
Refer to https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors for more information