PHP OC\Security\CSP ContentSecurityPolicyManager Exemples

Langage de programmation: PHP

Espace de nommage/Pack: OC\Security\CSP

Class/Type: ContentSecurityPolicyManager

Exemples au hotexamples.com: 2

PHP OC\Security\CSP ContentSecurityPolicyManager - 2 exemples trouvés. Ce sont les exemples réels les mieux notés de OC\Security\CSP\ContentSecurityPolicyManager extraits de projets open source. Vous pouvez noter les exemples pour nous aider à en améliorer la qualité.

Méthodes fréquemment utilisées

Afficher Cacher

getDefaultPolicy(2)

addDefaultPolicy(1)

mergePolicies(1)

Méthodes fréquemment utilisées

getDefaultPolicy (2)

addDefaultPolicy (1)

mergePolicies (1)

Associées

assetTheme

Boot_Flash

oxSuperCfg

OrderHasItemsDao

bp_get_blog_last_active

ProfileTabHandler

k1lib\forms\form_check_values

PAN

replaceTextToLinks

OutTree

Related in langs

TypeAliasTable (C#)

HpsTransactionType (C#)

ast_childcount (C++)

add_assoc_bool (C++)

NewRegistry (Go)

ExistsSubqueryExpr (Go)

ChunkUnloadEvent (Java)

WSPasswordCallback (Java)

set_setting (Python)

perspectiveMatrix (Python)

Exemple #1

0

Afficher le fichier

Fichier : securitymiddleware.php Projet : gvde/core

/** * Performs the default CSP modifications that may be injected by other * applications * * @param Controller $controller * @param string $methodName * @param Response $response * @return Response */ public function afterController($controller, $methodName, Response $response) { $policy = !is_null($response->getContentSecurityPolicy()) ? $response->getContentSecurityPolicy() : new ContentSecurityPolicy(); $defaultPolicy = $this->contentSecurityPolicyManager->getDefaultPolicy(); $defaultPolicy = $this->contentSecurityPolicyManager->mergePolicies($defaultPolicy, $policy); $response->setContentSecurityPolicy($defaultPolicy); return $response; }

Exemple #2

0

Afficher le fichier

Fichier : ContentSecurityPolicyManagerTest.php Projet : rchicoli/owncloud-core

public function testGetDefaultPolicyWithPolicies() { $policy = new \OCP\AppFramework\Http\ContentSecurityPolicy(); $policy->addAllowedFontDomain('mydomain.com'); $policy->addAllowedImageDomain('anotherdomain.de'); $this->contentSecurityPolicyManager->addDefaultPolicy($policy); $policy = new \OCP\AppFramework\Http\ContentSecurityPolicy(); $policy->addAllowedFontDomain('example.com'); $policy->addAllowedImageDomain('example.org'); $policy->allowInlineScript(true); $this->contentSecurityPolicyManager->addDefaultPolicy($policy); $policy = new \OCP\AppFramework\Http\EmptyContentSecurityPolicy(); $policy->addAllowedChildSrcDomain('childdomain'); $policy->addAllowedFontDomain('anotherFontDomain'); $this->contentSecurityPolicyManager->addDefaultPolicy($policy); $expected = new \OC\Security\CSP\ContentSecurityPolicy(); $expected->allowInlineScript(true); $expected->addAllowedFontDomain('mydomain.com'); $expected->addAllowedFontDomain('example.com'); $expected->addAllowedFontDomain('anotherFontDomain'); $expected->addAllowedImageDomain('anotherdomain.de'); $expected->addAllowedImageDomain('example.org'); $expected->addAllowedChildSrcDomain('childdomain'); $expectedStringPolicy = 'default-src \'none\';script-src \'self\' \'unsafe-inline\' \'unsafe-eval\';style-src \'self\' \'unsafe-inline\';img-src \'self\' data: blob: anotherdomain.de example.org;font-src \'self\' mydomain.com example.com anotherFontDomain;connect-src \'self\';media-src \'self\';child-src childdomain'; $this->assertEquals($expected, $this->contentSecurityPolicyManager->getDefaultPolicy()); $this->assertSame($expectedStringPolicy, $this->contentSecurityPolicyManager->getDefaultPolicy()->buildPolicy()); }