DirectiveSet::canNotBeFallbackedByDefault(): Argument #2 ($value) must be of type string, bool given
bartosz-zolynski opened this issue · comments
While updating Nelmio bundle from 2.12.0 to 3.0.0, it seems that passing boolean
to block-all-mixed-content
breaks the functionality as string is expected:
Nelmio\SecurityBundle\ContentSecurityPolicy\DirectiveSet::canNotBeFallbackedByDefault(): Argument #2 ($value) must be of type string, bool given, called in /var/www/vendor/nelmio/security-bundle/src/ContentSecurityPolicy/DirectiveSet.php on line 146
Part of the config that follows the current documentation:
nelmio_security:
csp:
enforce:
block-all-mixed-content: true
Not sure if this also impacts other keys used by this functionality.