ContentSecurityPolicy
class ContentSecurityPolicy implements MiddlewareInterface
Content security policy middleware.
Properties
protected Container; | $container | Container. | |
protected array|null | $reportTo | Report to. | |
protected bool | $reportOnly | Should we only report content security policy violations? | |
protected array | $directives | Content security policy directives. | |
protected string|null | $nonce | Content security policy nonce. | |
protected string | $nonceVariableName | Content security policy nonce view variable name. |
Methods
string
buildReportToValue()
Builds the "Report-To" header value.
string
generateNonce()
Generates a random content security policy nonce.
string
getNonce()
Returns the content security policy nonce.
string
buildValue()
Builds the "Content-Security-Policy" header value.
assignNonceViewVariable()
Assigns a global view variable containing the content security policy nonce.
Details
at line 78
__construct(Container $container)
Constructor.
at line 88
protected string
buildReportToValue()
Builds the "Report-To" header value.
at line 105
protected string
generateNonce()
Generates a random content security policy nonce.
at line 115
protected string
getNonce()
Returns the content security policy nonce.
at line 130
protected string
buildValue()
Builds the "Content-Security-Policy" header value.
at line 172
protected
assignNonceViewVariable()
Assigns a global view variable containing the content security policy nonce.