-
Notifications
You must be signed in to change notification settings - Fork 82
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix #31 please make it possible to report and inforce policies #33
Conversation
Eclipse warns if a variable is defined but not used.
The listener does not depend on any other service or input that changes with each request.
In a next step I want to add two config subtrees to define directives to report and to enforce, see nelmio#31
This commit changes the constructor of ContentSecurityPolicyListener but I don't consider this to be a public API. The public API is just the configuration.
but use the full directive names e.g. img-src instead only img, report-uri instead report_uri
@@ -0,0 +1,115 @@ | |||
<?php | |||
|
|||
namespace Nelmio\SecurityBundle\ContentSecurityPolicy; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please add the copyright header as https://github.com/nelmio/NelmioSecurityBundle/blob/master/NelmioSecurityBundle.php#L3-L10
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was about to add the header when I saw that only few other php files have such a header. Would you be so kind and add the header in one big commit that adds all missing headers? I don't care about the copyright.
I ran phpcs with standard PSR2 and fixed all issues introduced by me or in files touched by me. There are however still many issues in other files. I also fixed the issues outlined in the line comments in my first PR.
ping? |
I will try to do a good review to morrow. |
@thomas-koch-comsolit @thkoch2001 looks good overall to me. I haven't had time to try it out however but if you say it's good to go I will try to do that soon and merge. |
ping? |
Sorry busy times :/ But I'll just merge, thanks for the work :) |
fix #31 please make it possible to report and inforce policies
Also if you'd want to extend the config again to support #36 that'd be great. |
No description provided.