import {t} from 'sentry/locale';
const effectiveDirectives = {
'base-uri': t(
`The base-uri directive defines the URIs that a user agent
may use as the document base URL. If this value is absent, then any URI
is allowed. If this directive is absent, the user agent will use the
value in the <base> element.`
),
'child-src': t(
`The child-src directive defines the valid sources for
web workers and nested browsing contexts loaded using elements such as
<frame> and <iframe>.`
),
'connect-src': t(
`The connect-src directive defines valid sources for fetch,
XMLHttpRequest, WebSocket, and
EventSource connections.`
),
'font-src': t(
`The font-src directive specifies valid sources for fonts
loaded using @font-face.`
),
'form-action': t(
`The form-action directive specifies valid endpoints for
<form> submissions.`
),
'frame-ancestors': t(
`The frame-ancestors directive specifies valid parents that
may embed a page using the <frame> and
<iframe> elements.`
),
'img-src': t(
`The img-src directive specifies valid sources of images and
favicons.`
),
'prefetch-src': t(
`The prefetch-src directive restricts the URLs
from which resources may be prefetched or prerendered.`
),
'manifest-src': t(
`The manifest-src directive specifies which manifest can be
applied to the resource.`
),
'media-src': t(
`The media-src directive specifies valid sources for loading
media using the <audio> and <video>
elements.`
),
'object-src': t(
`The object-src directive specifies valid sources for the
<object>, <embed>, and
<applet> elements.`
),
'plugin-types': t(
`The plugin-types directive specifies the valid plugins that
the user agent may invoke.`
),
referrer: t(
`The referrer directive specifies information in the
Referer header for links away from a page.`
),
'script-src': t(
`The script-src directive specifies valid sources
for JavaScript. When either the script-src or the
default-src directive is included, inline script and
eval() are disabled unless you specify 'unsafe-inline'
and 'unsafe-eval', respectively.`
),
'script-src-elem': t(
`The script-src-elem directive applies to all script requests
and element contents. It does not apply to scripts defined in attributes.`
),
'script-src-attr': t(
`The script-src-attr directive applies to event handlers and, if present,
it will override the script-src directive for relevant checks.`
),
'style-src': t(
`The style-src directive specifies valid sources for
stylesheets. This includes both externally-loaded stylesheets and inline
use of the <style> element and HTML style attributes.
Stylesheets from sources that aren't included in the source list are not
requested or loaded. When either the style-src or the
default-src directive is included, inline use of the
<style> element and HTML style attributes are disabled
unless you specify 'unsafe-inline'.`
),
'style-src-elem': t(
`The style-src-elem directive applies to all styles except
those defined in inline attributes.`
),
'style-src-attr': t(
`The style-src-attr directive applies to inline style attributes and, if present,
it will override the style-src directive for relevant checks.`
),
'frame-src': t(
`The frame-src directive specifies valid sources for nested
browsing contexts loading using elements such as
<frame> and <iframe>.`
),
'worker-src': t(
`The worker-src directive specifies valid sources for
Worker, SharedWorker, or
ServiceWorker scripts.`
),
};
export default effectiveDirectives;