Unify provider READMEs and add Upload CSP config examples

Signed-off-by: Derrick Mehaffy <derrickmehaffy@gmail.com>
2025-12-26 14:44:31 +00:00 · 2021-12-01 09:00:24 -07:00 · 2021-12-01 09:00:24 -07:00 · 982e90d637
commit 982e90d637
parent 2be761b73a
11 changed files with 179 additions and 45 deletions
--- a/packages/providers/email-amazon-ses/README.md
+++ b/packages/providers/email-amazon-ses/README.md
@ -2,7 +2,7 @@

 ## Resources

- [LICENSE](https://github.com/strapi/strapi/blob/master/packages/providers/email-amazon-ses/LICENSE)
+- [LICENSE](LICENSE)

 ## Links

--- a/packages/providers/email-amazon-ses/package.json
+++ b/packages/providers/email-amazon-ses/package.json
@ -42,5 +42,8 @@
  "engines": {
    "node": ">=12.x.x <=16.x.x",
    "npm": ">=6.0.0"
+  },
+  "strapi": {
+    "isProvider": true
  }
 }
--- a/packages/providers/email-mailgun/README.md
+++ b/packages/providers/email-mailgun/README.md
@ -2,7 +2,7 @@

 ## Resources

- [LICENSE](https://github.com/strapi/strapi/blob/master/packages/providers/email-mailgun/LICENSE)
+- [LICENSE](LICENSE)

 ## Links

--- a/packages/providers/email-nodemailer/README.md
+++ b/packages/providers/email-nodemailer/README.md
@ -2,7 +2,7 @@

 ## Resources

- [LICENSE](https://github.com/strapi/strapi/blob/master/packages/providers/email-nodemailer/LICENSE)
+- [LICENSE](LICENSE)

 ## Links

--- a/packages/providers/email-sendgrid/README.md
+++ b/packages/providers/email-sendgrid/README.md
@ -2,7 +2,7 @@

 ## Resources

- [LICENSE](https://github.com/strapi/strapi/blob/master/packages/providers/email-sendgrid/LICENSE)
+- [LICENSE](LICENSE)

 ## Links

--- a/packages/providers/email-sendmail/README.md
+++ b/packages/providers/email-sendmail/README.md
@ -2,7 +2,7 @@

 ## Resources

- [LICENSE](https://github.com/strapi/strapi/blob/master/packages/providers/email-sendmail/LICENSE)
+- [LICENSE](LICENSE)

 ## Links

--- a/packages/providers/upload-aws-s3/README.md
+++ b/packages/providers/upload-aws-s3/README.md
@ -1,4 +1,25 @@
-# strapi-provider-upload-aws-s3
+# @strapi/provider-upload-aws-s3
+
+## Resources
+
+- [LICENSE](LICENSE)
+
+## Links
+
+- [Strapi website](https://strapi.io/)
+- [Strapi documentation](https://docs.strapi.io)
+- [Strapi community on Discord](https://discord.strapi.io)
+- [Strapi news on Twitter](https://twitter.com/strapijs)
+
+## Installation
+
+```bash
+# using yarn
+yarn add @strapi/provider-upload-aws-s3
+
+# using npm
+npm install @strapi/provider-upload-aws-s3 --save
+```

 ## Configurations

@ -6,7 +27,7 @@ Your configuration is passed down to the provider. (e.g: `new AWS.S3(config)`).

 See the [using a provider](https://docs.strapi.io/developer-docs/latest/plugins/upload.html#using-a-provider) documentation for information on installing and using a provider. And see the [environment variables](https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#environment-variables) for setting and using environment variables in your configs.

-**Example**
+### Provider Configuration

 `./config/plugins.js`

@ -30,11 +51,37 @@ module.exports = ({ env }) => ({
 });
 ```

+### Security Middleware Configuration
+
+Due to the default settings in the Strapi Security Middleware you will need to modify the `contentSecurityPolicy` settings to properly see thumbnail previews in the Media Library. You should replace `strapi::security` string with the object instead as explained in the [middleware configuration](https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/required/middlewares.html#loading-order) documentation.
+
+`./config/middlewares.js`
+
+````js
+module.exports = [
+  // ...
+  {
+    name: "strapi::security",
+    config: {
+      contentSecurityPolicy: {
+        useDefaults: true,
+        directives: {
+          "connect-src": ["'self'", "https:"],
+          "img-src": ["'self'", "data:", "blob:", "yourBucketName.s3.yourRegion.amazonaws.com"],
+          "media-src": ["'self'", "data:", "blob:", "yourBucketName.s3.yourRegion.amazonaws.com"],
+          upgradeInsecureRequests: null,
+        },
+      },
+    },
+  },
+  // ...
+];
+
 ## Required AWS Policy Actions

 These are the minimum amount of permissions needed for this provider to work.

-```
+```json
 "Action": [
  "s3:PutObject",
  "s3:GetObject",
@ -42,14 +89,4 @@ These are the minimum amount of permissions needed for this provider to work.
  "s3:DeleteObject",
  "s3:PutObjectAcl"
 ],
-```
-
-## Resources
-
- [License](LICENSE)
-
-## Links
-
- [Strapi website](https://strapi.io/)
- [Strapi community on Slack](https://slack.strapi.io)
- [Strapi news on Twitter](https://twitter.com/strapijs)
+````
--- a/packages/providers/upload-cloudinary/README.md
+++ b/packages/providers/upload-cloudinary/README.md
@ -1,4 +1,25 @@
-# strapi-provider-upload-cloudinary
+# @strapi/provider-upload-cloudinary
+
+## Resources
+
+- [LICENSE](LICENSE)
+
+## Links
+
+- [Strapi website](https://strapi.io/)
+- [Strapi documentation](https://docs.strapi.io)
+- [Strapi community on Discord](https://discord.strapi.io)
+- [Strapi news on Twitter](https://twitter.com/strapijs)
+
+## Installation
+
+```bash
+# using yarn
+yarn add @strapi/provider-upload-cloudinary
+
+# using npm
+npm install @strapi/provider-upload-cloudinary --save
+```

 ## Configurations

@ -8,7 +29,7 @@ Your configuration is passed down to the cloudinary configuration. (e.g: `cloudi

 See the [using a provider](https://docs.strapi.io/developer-docs/latest/plugins/upload.html#using-a-provider) documentation for information on installing and using a provider. And see the [environment variables](https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#environment-variables) for setting and using environment variables in your configs.

-**Example**
+### Provider Configuration

 `./config/plugins.js`

@ -33,12 +54,29 @@ module.exports = ({ env }) => ({
 });
 ```

-## Resources
+### Security Middleware Configuration

- [License](LICENSE)
+Due to the default settings in the Strapi Security Middleware you will need to modify the `contentSecurityPolicy` settings to properly see thumbnail previews in the Media Library. You should replace `strapi::security` string with the object instead as explained in the [middleware configuration](https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/required/middlewares.html#loading-order) documentation.

-## Links
+`./config/middlewares.js`

- [Strapi website](https://strapi.io/)
- [Strapi community on Slack](https://slack.strapi.io)
- [Strapi news on Twitter](https://twitter.com/strapijs)
+```js
+module.exports = [
+  // ...
+  {
+    name: 'strapi::security',
+    config: {
+      contentSecurityPolicy: {
+        useDefaults: true,
+        directives: {
+          'connect-src': ["'self'", 'https:'],
+          'img-src': ["'self'", 'data:', 'blob:', 'res.cloudinary.com'],
+          'media-src': ["'self'", 'data:', 'blob:', 'res.cloudinary.com'],
+          upgradeInsecureRequests: null,
+        },
+      },
+    },
+  },
+  // ...
+];
+```
--- a/packages/providers/upload-local/README.md
+++ b/packages/providers/upload-local/README.md
@ -1,10 +1,31 @@
-# strapi-provider-upload-local
+# @strapi/provider-upload-local
+
+## Resources
+
+- [LICENSE](LICENSE)
+
+## Links
+
+- [Strapi website](https://strapi.io/)
+- [Strapi documentation](https://docs.strapi.io)
+- [Strapi community on Discord](https://discord.strapi.io)
+- [Strapi news on Twitter](https://twitter.com/strapijs)
+
+## Installation
+
+```bash
+# using yarn
+yarn add @strapi/provider-upload-local
+
+# using npm
+npm install @strapi/provider-upload-local --save
+```

 ## Configurations

 This provider has only one parameter: `sizeLimit`.

-**Example**
+### Provider Configuration

 `./config/plugins.js`

@ -25,12 +46,6 @@ module.exports = ({ env }) => ({

 The `sizeLimit` parameter must be a number. Be aware that the unit is in bytes, and the default is 1000000. When setting this value high, you should make sure to also configure the body parser middleware `maxFileSize` so the file can be sent and processed. Read more [here](https://docs.strapi.io/developer-docs/latest/plugins/upload.html#configuration)

-## Resources
+### Security Middleware Configuration

- [License](LICENSE)
-
-## Links
-
- [Strapi website](https://strapi.io/)
- [Strapi community on Slack](https://slack.strapi.io)
- [Strapi news on Twitter](https://twitter.com/strapijs)
+Special configuration of the Strapi Security Middleware is not required on this provider since the default configuration allows loading images and media from `"'self'"`.
--- a/packages/providers/upload-rackspace/README.md
+++ b/packages/providers/upload-rackspace/README.md
@ -1,4 +1,25 @@
-# strapi-provider-upload-rackspace
+# @strapi/provider-upload-rackspace
+
+## Resources
+
+- [LICENSE](LICENSE)
+
+## Links
+
+- [Strapi website](https://strapi.io/)
+- [Strapi documentation](https://docs.strapi.io)
+- [Strapi community on Discord](https://discord.strapi.io)
+- [Strapi news on Twitter](https://twitter.com/strapijs)
+
+## Installation
+
+```bash
+# using yarn
+yarn add @strapi/provider-upload-rackspace
+
+# using npm
+npm install @strapi/provider-upload-rackspace --save
+```

 ## Configurations

@ -6,7 +27,7 @@ Your configuration is passed down to the client initialization. (e.g: `createCli

 See the [using a provider](https://docs.strapi.io/developer-docs/latest/plugins/upload.html#using-a-provider) documentation for information on installing and using a provider. And see the [environment variables](https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#environment-variables) for setting and using environment variables in your configs.

-**Example**
+### Provider Configuration

 `./config/plugins.js`

@ -28,12 +49,29 @@ module.exports = ({ env }) => ({
 });
 ```

-## Resources
+### Security Middleware Configuration

- [License](LICENSE)
+Due to the default settings in the Strapi Security Middleware you will need to modify the `contentSecurityPolicy` settings to properly see thumbnail previews in the Media Library. You should replace `strapi::security` string with the object instead as explained in the [middleware configuration](https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/required/middlewares.html#loading-order) documentation.

-## Links
+`./config/middlewares.js`

- [Strapi website](https://strapi.io/)
- [Strapi community on Slack](https://slack.strapi.io)
- [Strapi news on Twitter](https://twitter.com/strapijs)
+```js
+module.exports = [
+  // ...
+  {
+    name: 'strapi::security',
+    config: {
+      contentSecurityPolicy: {
+        useDefaults: true,
+        directives: {
+          'connect-src': ["'self'", 'https:'],
+          'img-src': ["'self'", 'data:', 'blob:', 'storage.clouddrive.com'],
+          'media-src': ["'self'", 'data:', 'blob:', 'storage.clouddrive.com'],
+          upgradeInsecureRequests: null,
+        },
+      },
+    },
+  },
+  // ...
+];
+```
--- a/packages/providers/upload-rackspace/package.json
+++ b/packages/providers/upload-rackspace/package.json
@ -31,5 +31,8 @@
  "engines": {
    "node": ">=12.x.x <=16.x.x",
    "npm": ">=6.0.0"
+  },
+  "strapi": {
+    "isProvider": true
  }
 }