How to override default CSP rule in Codeigniter 4 ?
#5

(12-30-2023, 03:23 PM)kenjis Wrote:
(12-30-2023, 09:46 AM)egranty Wrote: The default CSP settings are in the /app/Config/ContentSecurityPolicy.php file, but if you want to change them, don't edit this file.

Why?
My points:

1. The habit: do not touch the system files of the engine - they can be restored when the CMS is updated. Moreover, the developers have built in convenient methods for changing default settings.

2. Different sections of the site may have a different Content Security Policy (CSP): those related to payment - more strict, articles and forum - more lenient.
Pages with HTTP response codes 403/404/5xx should also have a very strict CSP.

3. Some CSP directives are accompanied by additional HTTP headers. For example, the frame-ancestors directive is paired with the X-Frame-Options header to provide backward compatibility with legacy browsers. The report-to directive must be preceded by a Report-To HTTP header.
It is more convenient to manage all this from one place, rather than from different modules.
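An added example, not part of egranty's post or of CodeIgniter itself: one function that returns the whole header set for a site section, so that frame-ancestors always ships with its X-Frame-Options counterpart and report-to with a Report-To header. The section names, the policies, the `csp-endpoint` group and the report URL are constructed for illustration.

```php
<?php
// Added example; section names, policies and the report URL are constructed.
const CSP_REPORT_URL = 'https://example.com/csp-reports'; // placeholder
const SECTION_POLICIES = [
    'payment' => [
        'default-src'     => ["'none'"],
        'script-src'      => ["'self'"],
        'form-action'     => ["'self'"],
        'frame-ancestors' => ["'none'"],
        'report-to'       => ['csp-endpoint'],
    ],
    'forum' => [
        'default-src'     => ["'self'"],
        'img-src'         => ["'self'", 'https:'],
        'frame-ancestors' => ["'self'"],
    ],
    // Used for 403/404/5xx responses and for any unknown section.
    'error' => [
        'default-src'     => ["'none'"],
        'frame-ancestors' => ["'none'"],
    ],
];

function cspHeadersFor(string $section): array
{
    $policy  = SECTION_POLICIES[$section] ?? SECTION_POLICIES['error'];
    $headers = [];
    // frame-ancestors is paired with X-Frame-Options for legacy browsers.
    $ancestors = $policy['frame-ancestors'] ?? [];
    if ($ancestors === ["'none'"]) {
        $headers['X-Frame-Options'] = 'DENY';
    } elseif ($ancestors === ["'self'"]) {
        $headers['X-Frame-Options'] = 'SAMEORIGIN';
    }
    // report-to names a group that the Report-To header has to define.
    if (isset($policy['report-to'])) {
        $headers['Report-To'] = json_encode([
            'group'     => $policy['report-to'][0],
            'max_age'   => 86400,
            'endpoints' => [['url' => CSP_REPORT_URL]],
        ], JSON_UNESCAPED_SLASHES);
    }
    $parts = array_map(fn ($d, $v) => $d . ' ' . implode(' ', $v), array_keys($policy), $policy);
    $headers['Content-Security-Policy'] = implode('; ', $parts);
    return $headers;
}
// Print the header set for the payment section.
foreach (cspHeadersFor('payment') as $name => $value) {
    echo "$name: $value\n";
}
```

In CodeIgniter 4 the returned pairs can be applied with `$response->setHeader($name, $value)` from a filter, assuming the framework's own CSP generation (`CSPEnabled`) is left off so that only one Content-Security-Policy header is sent.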


Messages In This Thread
RE: How to override default CSP rule in Codeigniter 4 ? - by egranty - 12-30-2023, 06:21 PM


