UiResourceCsp implements JsonSerializable
FinalYes
Content Security Policy configuration for MCP App resources.
Controls which external domains the rendered HTML app can access. If omitted entirely, a restrictive default policy is applied by the host.
Tags
Table of Contents
Interfaces
- JsonSerializable
Properties
- $baseUriDomains : array<string|int, mixed>|null
- $connectDomains : array<string|int, mixed>|null
- $frameDomains : array<string|int, mixed>|null
- $resourceDomains : array<string|int, mixed>|null
Methods
- __construct() : mixed
- fromArray() : self
- jsonSerialize() : UiResourceCspData
Properties
$baseUriDomains read-only
public
array<string|int, mixed>|null
$baseUriDomains
= null
$connectDomains read-only
public
array<string|int, mixed>|null
$connectDomains
= null
$frameDomains read-only
public
array<string|int, mixed>|null
$frameDomains
= null
$resourceDomains read-only
public
array<string|int, mixed>|null
$resourceDomains
= null
Methods
__construct()
public
__construct([array<string|int, string>|null $connectDomains = null ][, array<string|int, string>|null $resourceDomains = null ][, array<string|int, string>|null $frameDomains = null ][, array<string|int, string>|null $baseUriDomains = null ]) : mixed
Parameters
- $connectDomains : array<string|int, string>|null = null
-
domains allowed for network requests (fetch, XHR, WebSocket)
- $resourceDomains : array<string|int, string>|null = null
-
domains allowed for static resources (images, scripts, styles)
- $frameDomains : array<string|int, string>|null = null
-
domains allowed for nested iframes
- $baseUriDomains : array<string|int, string>|null = null
-
domains allowed for base URI origins
fromArray()
public
static fromArray(UiResourceCspData $data) : self
Parameters
- $data : UiResourceCspData
Return values
selfjsonSerialize()
public
jsonSerialize() : UiResourceCspData