yireo / magento2-disable-csp
yireo/magento2-disable-csp
Disable CSP
Yireo DisableCsp
For shops that don't need CSP to be enabled, this module offers a quick solution. Just install and enable the module and you're done.
Technically, it replaces the default implementation of Magento\Csp\Api\CspRendererInterface with a dummy.
Usage
composer require yireo/magento2-disable-csp
bin/magento module:enable Yireo_DisableCsp
Remark
The magento/module-csp package is still necessary and should not be removed via composer replace.
Alternatives
- Wouyang_DisableCsp
- Disables the
csp_renderobserver
- Disables the
- baldwin-agency/magento2-module-csp-shim
- Overrides the Magento CSP module itself and its namespaces (ugly)
No changelog yet
The vendor hasn't published a changelog. Tagged releases appear in the Versions tab.
| Version | Stability | QA Status | Compatibility | Released |
|---|---|---|---|---|
| 1.0.3 | stable | Pass | Magento 2.4.7-2.4.9 Details | 2025-04-17 11:09:30 |
| 1.0.2 | stable | Not tested | Not yet tested Details | 2025-01-02 18:20:56 |
| 1.0.1 | stable | Not tested | Not yet tested Details | 2024-06-28 12:20:10 |
| 1.0.0 | stable | Not tested | Not yet tested Details | 2024-06-19 07:06:43 |
Requires 2
| Package | Constraint |
|---|---|
| magento/framework | ^100.0|^101.0|^102.0|^103.0 |
| magento/module-csp | ^100.0 |
Compatibility
Each Magento release line is installed on its supported PHP versions, then the module is built (DI compilation + static-content deploy) and its unit and integration suites are run. The matrix shows the lines and PHP versions the module is confirmed to install and run on. Code-quality results further down (phpstan, phpcs, …) are reported separately and never affect compatibility.
Code Quality
Advisory checks against the module's source. Static analysis runs once across the whole module; PHPStan re-runs per Magento + PHP version because resolvable symbols differ between releases. These NEVER affect the Compatibility badge — a phpcs finding can't make a module incompatible.
Static analysis
Coding standards (phpcs), mess detection (phpmd), copy-pasted code (cpd), PHP cross-version compatibility, composer.json validity. Each runs once for the whole module.
PHPStan
Type-checks the module's PHP against a real Magento install at the configured gate level. Re-runs per Magento and PHP version because resolvable symbols differ between releases. Cell → details modal.
Tests
Unit and integration suites, run for each applicable Magento and PHP version. A test failure speaks to the module's behaviour, not its compatibility with a Magento line, so it is reported here separately and never reddens the compatibility matrix.
Unit tests
| Magento | PHP 8.2 | PHP 8.3 | PHP 8.4 | PHP 8.5 |
|---|---|---|---|---|
| 2.4.7 | N/A | N/A | ||
| 2.4.8 | N/A | N/A | ||
| 2.4.9 | N/A | N/A |
Integration tests
| Magento | PHP 8.2 | PHP 8.3 | PHP 8.4 | PHP 8.5 |
|---|---|---|---|---|
| 2.4.7 | N/A | N/A | ||
| 2.4.8 | N/A | N/A | ||
| 2.4.9 | N/A | N/A |
Security
Security checks run directly against the module: an audit of its declared dependencies for known vulnerabilities (composer audit) and a scan of its source for malware and web-shell signatures. Each runs once. A malware detection fails the version outright.
More from yireo
View vendorTurn an existing module into recurring revenue.
If you already maintain a Magento 2 module on GitHub or GitLab, listing it on Packagento takes about five minutes. We mirror your tags, handle distribution signing, and route paid licenses through Stripe Connect, so you can keep shipping the way you already do.