ContentSecurityPolicy
class ContentSecurityPolicy implements MiddlewareInterface
Content security policy middleware.
Properties
| protected Container; | $container | Container. | |
| protected array|null | $reportTo | Report to. | |
| protected bool | $reportOnly | Should we only report content security policy violations? | |
| protected array | $directives | Content security policy directives. | |
| protected string|null | $nonce | Content security policy nonce. | |
| protected string | $nonceVariableName | Content security policy nonce view variable name. |
Methods
string
buildReportToValue()
Builds the "Report-To" header value.
string
generateNonce()
Generates a random content security policy nonce.
string
getNonce()
Returns the content security policy nonce.
string
buildValue()
Builds the "Content-Security-Policy" header value.
assignNonceViewVariable()
Assigns a global view variable containing the content security policy nonce.
Details
at line 80
__construct(Container $container)
Constructor.
at line 90
protected string
buildReportToValue()
Builds the "Report-To" header value.
at line 107
protected string
generateNonce()
Generates a random content security policy nonce.
at line 117
protected string
getNonce()
Returns the content security policy nonce.
at line 132
protected string
buildValue()
Builds the "Content-Security-Policy" header value.
at line 174
protected
assignNonceViewVariable()
Assigns a global view variable containing the content security policy nonce.