ControllerCSPExtension
extends Extension
in package
Class \Firesphere\CSPHeaders\Extensions\ControllerCSPExtension
This extension is applied to the PageController, to avoid duplicates. Any duplicates may be caused by extended classes. It should however, not affect the outcome
Table of Contents
Properties
- $isTesting : mixed
- $owner : Controller|ControllerCSPExtension
- $addPermissionHeaders : bool
- Should permission policies be added
- $addPolicyHeaders : bool
- Should we generate the policy headers or not
- $csp_config : array<string|int, mixed>
- Base CSP configuration
- $headTags : array<string|int, mixed>
- $inlineCSS : array<string|int, mixed>
- $inlineJS : array<string|int, mixed>
- $nonce : string
Methods
- addCSS() : mixed
- addJS() : mixed
- checkCookie() : bool
- getInlineCSS() : array<string|int, mixed>
- getInlineJS() : array<string|int, mixed>
- getNonce() : null|string
- isAddPolicyHeaders() : bool
- onBeforeInit() : mixed
- Add the needed headers from the database and config
- addCSP() : void
- addInlineCSSPolicy() : void
- addInlineJSPolicy() : void
- addResponseHeaders() : void
- addCSPHeaders() : void
- addPermissionsHeaders() : void
- Add the Permissions-Policy header
- trimDomain() : string
- Remove https://, trailing slash, etc.
- ymlToPolicy() : mixed
Properties
$isTesting
public
static mixed
$isTesting
= false
$owner
public
Controller|ControllerCSPExtension
$owner
$addPermissionHeaders
Should permission policies be added
protected
bool
$addPermissionHeaders
$addPolicyHeaders
Should we generate the policy headers or not
protected
bool
$addPolicyHeaders
$csp_config
Base CSP configuration
protected
static array<string|int, mixed>
$csp_config
$headTags
protected
array<string|int, mixed>
$headTags
= []
$inlineCSS
protected
static array<string|int, mixed>
$inlineCSS
= []
$inlineJS
protected
static array<string|int, mixed>
$inlineJS
= []
$nonce
protected
string
$nonce
randomised sha512 nonce for enabling scripts if you don't want to use validating of the full script
Methods
addCSS()
public
static addCSS(string $css) : mixed
Parameters
- $css : string
addJS()
public
static addJS(string $js) : mixed
Parameters
- $js : string
checkCookie()
public
static checkCookie(HTTPRequest $request) : bool
Parameters
- $request : HTTPRequest
Return values
boolgetInlineCSS()
public
static getInlineCSS() : array<string|int, mixed>
Return values
array<string|int, mixed>getInlineJS()
public
static getInlineJS() : array<string|int, mixed>
Return values
array<string|int, mixed>getNonce()
public
getNonce() : null|string
Return values
null|stringisAddPolicyHeaders()
public
isAddPolicyHeaders() : bool
Return values
boolonBeforeInit()
Add the needed headers from the database and config
public
onBeforeInit() : mixed
Tags
addCSP()
protected
addCSP(CSPBuilder $policy, Controller $owner) : void
Parameters
- $policy : CSPBuilder
- $owner : Controller
addInlineCSSPolicy()
protected
addInlineCSSPolicy(CSPBuilder $policy, array<string|int, mixed> $config) : void
Parameters
- $policy : CSPBuilder
- $config : array<string|int, mixed>
Tags
addInlineJSPolicy()
protected
addInlineJSPolicy(CSPBuilder $policy, array<string|int, mixed> $config) : void
Parameters
- $policy : CSPBuilder
- $config : array<string|int, mixed>
Tags
addResponseHeaders()
protected
addResponseHeaders(array<string|int, mixed> $headers, Controller $owner) : void
Parameters
- $headers : array<string|int, mixed>
- $owner : Controller
addCSPHeaders()
private
addCSPHeaders(mixed $ymlConfig, Controller $owner) : void
Parameters
- $ymlConfig : mixed
- $owner : Controller
Tags
addPermissionsHeaders()
Add the Permissions-Policy header
private
addPermissionsHeaders(array<string|int, mixed> $ymlConfig, Controller $controller) : void
Parameters
- $ymlConfig : array<string|int, mixed>
- $controller : Controller
trimDomain()
Remove https://, trailing slash, etc.
private
trimDomain( $domain) : string
Parameters
Return values
stringymlToPolicy()
private
ymlToPolicy(mixed $key, mixed $yml) : mixed
Parameters
- $key : mixed
- $yml : mixed