Tags: google-chrome-extension, content-security-policy

How to allow CSP for domains after specific prefix


I need to configure CSP for the following case: test.[some domain]. Examples of domains: test.fun.uk, test.notFun.uk, etc.

So I need to allow everything after the prefix test.

What I tried to do: 'connect-src 'self' test:*'. After setting the configuration this way I get an error: 'https://test.smtth' violates CSP directive "connect-src 'self' ..."


Solution

  • You can specify PORT wildcards:

    foo.com:*
    

    and hostname wildcards:

    *.mozilla.com
    

    You are essentially trying to create a hostname wildcard with the syntax of the PORT wildcard, but since the latter part of your URL is not a port in use, it fails. Read the documentation and see that what you wanted to achieve is impossible:

    Invalid wildcard host name expressions include "www.*.com", "*.mozilla.*" and "mozilla.*".

    It's very easy to understand why this is invalid. Let's suppose that you wanted a wildcard at the latter part of your URL, so that test.fun.uk, test.notFun.uk are both covered. If that was allowed, what would prevent a hacker from injecting some malicious script into test.somethingelse.uk? Basically nothing.

    If you want to allow multiple items to go through your CSP rules differing in the latter part of their URL, then you either list them in the CSP directives without the wildcard, or, you create a proxy site that will allow any request from your browser, see the source of the request and error out if the source does not match your criteria. Otherwise, redirect the request to the target and redirect the target's response to the browser.
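To make the two points of the answer concrete, here is an added example (not code from the question, the answer, or any browser) of a small matcher that applies the CSP host-source rules to a URL the way a browser checks connect-src: an optional scheme, a host that may start with "*." but may contain no other wildcard, a port that may be "*", and an optional path. It shows that "test:*" parses as host "test" with a port wildcard and therefore never matches https://test.smtth, that "*.mozilla.com" covers sub-hosts while "mozilla.com" does not, that "test.*" is rejected as an expression, and how the proxy alternative would enforce the "test.<anything>.uk" criterion with an ordinary allowlist pattern. All hostnames, origins and the proxy pattern are constructed for the example.

```javascript
// Added example, not the question's or the answer's code: a simplified CSP
// host-source matcher plus the allowlist check a proxy would apply instead.
// Hostnames, origins and the proxy pattern below are constructed for the example.

const DEFAULT_PORTS = { "http:": "80", "https:": "443", "ws:": "80", "wss:": "443" };

// Simplified CSP host-source grammar: [scheme://] host [:port] [path]
// The host may begin with "*." but "*" is not allowed anywhere else.
const HOST_SOURCE_RE =
  /^(?:([a-z][a-z0-9+.-]*):\/\/)?(\*|(?:\*\.)?[a-z0-9-]+(?:\.[a-z0-9-]+)*)(?::(\*|\d+))?(\/[^\s?#]*)?$/i;

// Returns null for invalid expressions such as "test.*", "www.*.com", "*.mozilla.*".
function parseHostSource(expr) {
  const m = HOST_SOURCE_RE.exec(expr);
  if (!m) return null;
  return {
    scheme: m[1] ? m[1].toLowerCase() + ":" : null,
    host: m[2].toLowerCase(),
    port: m[3] || null,
    path: m[4] || null,
  };
}

// An expression scheme of http also permits https (and ws permits wss), as in CSP.
function schemeMatches(exprScheme, urlScheme) {
  if (exprScheme === urlScheme) return true;
  return (exprScheme === "http:" && urlScheme === "https:") ||
         (exprScheme === "ws:" && urlScheme === "wss:");
}

// "*.mozilla.com" matches any host ending in ".mozilla.com"; anything else is exact.
function hostMatches(exprHost, urlHost) {
  if (exprHost === "*") return true;
  if (exprHost.startsWith("*.")) {
    const suffix = exprHost.slice(1); // ".mozilla.com"
    return urlHost.endsWith(suffix) && urlHost.length > suffix.length;
  }
  return exprHost === urlHost;
}

// "*" allows any port; no port means only the scheme's default port; otherwise exact.
function portMatches(exprPort, url) {
  const urlPort = url.port || DEFAULT_PORTS[url.protocol] || "";
  if (exprPort === "*") return true;
  if (exprPort === null) return urlPort === DEFAULT_PORTS[url.protocol];
  return exprPort === urlPort;
}

// A path ending in "/" is a prefix match; any other path must match exactly.
function pathMatches(exprPath, urlPath) {
  if (exprPath === null) return true;
  return exprPath.endsWith("/") ? urlPath.startsWith(exprPath) : exprPath === urlPath;
}

// Does one source expression ('self' or a host-source) allow the URL?
// `originStr` is the page's own origin, used for 'self' and scheme-less expressions.
function sourceAllows(expr, urlStr, originStr) {
  const url = new URL(urlStr);
  const origin = new URL(originStr);
  if (expr === "'self'") {
    // WHATWG URL drops default ports, so "" === "" covers both default-port cases.
    return origin.hostname === url.hostname &&
           schemeMatches(origin.protocol, url.protocol) &&
           origin.port === url.port;
  }
  const src = parseHostSource(expr);
  if (!src) return false; // an invalid expression allows nothing
  const scheme = src.scheme || origin.protocol;
  return schemeMatches(scheme, url.protocol) &&
         hostMatches(src.host, url.hostname) &&
         portMatches(src.port, url) &&
         pathMatches(src.path, url.pathname);
}

// Evaluate a whole connect-src value ("'self' test:*") against a request URL.
function connectSrcAllows(directiveValue, urlStr, originStr) {
  return directiveValue.trim().split(/\s+/)
    .some((expr) => sourceAllows(expr, urlStr, originStr));
}

// The answer's alternative: send requests to your own proxy, which enforces the
// "test.<anything>.uk" criterion with a plain allowlist pattern before forwarding.
// Use an allowlist, never a denylist, so the proxy cannot be pointed at arbitrary hosts.
const PROXY_TARGET_RE = /^test\.[a-z0-9-]+\.uk$/i; // constructed for the example

function proxyTargetAllowed(targetUrlStr) {
  const u = new URL(targetUrlStr);
  return u.protocol === "https:" && PROXY_TARGET_RE.test(u.hostname);
}

if (typeof require !== "undefined" && require.main === module) {
  const origin = "https://app.example.test";
  console.log(connectSrcAllows("'self' test:*", "https://test.smtth/api", origin));       // false
  console.log(connectSrcAllows("'self' *.mozilla.com", "https://api.mozilla.com/v1", origin)); // true
  console.log(parseHostSource("test.*"));                                                   // null
  console.log(proxyTargetAllowed("https://test.notFun.uk/x"));                              // true
}
```

Running the block under Node prints the four results noted in the comments; the first line reproduces the violation from the question, because "test:*" only ever matches a host literally named "test" on any port. Listing test.fun.uk and test.notFun.uk explicitly, or moving the decision into the proxy's allowlist, are the two options the answer describes.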