public buildHeaderValue ( |
||
$request | ||
$signatures | array |
private function buildHeaders(DirectiveSet $directiveSet, $reportOnly, $compatHeaders) { $headerValue = $directiveSet->buildHeaderValue(); if (!$headerValue) { return array(); } $hn = function ($name) use($reportOnly) { return $name . ($reportOnly ? '-Report-Only' : ''); }; $headers = array($hn('Content-Security-Policy') => $headerValue); if ($compatHeaders) { $headers[$hn('X-Content-Security-Policy')] = $headerValue; } return $headers; }
private function buildHeaders(Request $request, DirectiveSet $directiveSet, $reportOnly, $compatHeaders, array $signatures = null) { // $signatures might be null if no KernelEvents::REQUEST has been triggered. // for instance if a security.authentication.failure has been dispatched $headerValue = $directiveSet->buildHeaderValue($request, $signatures); if (!$headerValue) { return array(); } $hn = function ($name) use($reportOnly) { return $name . ($reportOnly ? '-Report-Only' : ''); }; $headers = array($hn('Content-Security-Policy') => $headerValue); if ($compatHeaders) { $headers[$hn('X-Content-Security-Policy')] = $headerValue; } return $headers; }
public function testDirectiveSetUnset() { $directiveSet = new DirectiveSet(); $directiveSet->setDirectives(array('default-src' => 'foo')); $this->assertEquals('default-src foo', $directiveSet->buildHeaderValue()); $directiveSet->setDirective('default-src', ''); $this->assertEquals('', $directiveSet->buildHeaderValue()); }