Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix #31 please make it possible to report and inforce policies #33

Merged
merged 10 commits into from
Nov 19, 2014
Merged

fix #31 please make it possible to report and inforce policies #33

merged 10 commits into from
Nov 19, 2014

Commits on Oct 24, 2014

  1. solve all Eclipse warnings 

    Eclipse warns if a variable is defined but not used.
    Thomas Koch committed Oct 24, 2014
    Configuration menu
    Copy the full SHA
    ef9fbe2 View commit details
    Browse the repository at this point in the history

  2. resolve yml validator warning in csp.yml

    Thomas Koch committed Oct 24, 2014
    Configuration menu
    Copy the full SHA
    66367af View commit details
    Browse the repository at this point in the history

  3. nelmio_security.csp_listener can have global scope 

    The listener does not depend on any other service or input that changes
with each request.
    Thomas Koch committed Oct 24, 2014
    Configuration menu
    Copy the full SHA
    d48fbe0 View commit details
    Browse the repository at this point in the history

  4. Make ContentSecurityPolicyListener an EventSubscriber

    Thomas Koch committed Oct 24, 2014
    Configuration menu
    Copy the full SHA
    fa7e0ad View commit details
    Browse the repository at this point in the history

  5. make configuration tree for directives reusable 

    In a next step I want to add two config subtrees to define
directives to report and to enforce, see nelmio#31
    Thomas Koch committed Oct 24, 2014
    Configuration menu
    Copy the full SHA
    a944e13 View commit details
    Browse the repository at this point in the history

  6. introduce DirectiveSet class 

    This commit changes the constructor of ContentSecurityPolicyListener
but I don't consider this to be a public API. The public API is just
the configuration.
    Thomas Koch committed Oct 24, 2014
    Configuration menu
    Copy the full SHA
    492b372 View commit details
    Browse the repository at this point in the history

  7. add config def for report|enforce subtrees 

    but use the full directive names
e.g. img-src instead only img, report-uri instead report_uri
    Thomas Koch committed Oct 24, 2014
    Configuration menu
    Copy the full SHA
    a668e25 View commit details
    Browse the repository at this point in the history

  8. handle new configuration with report, enforce sub trees

    Thomas Koch committed Oct 24, 2014
    Configuration menu
    Copy the full SHA
    d5cfc59 View commit details
    Browse the repository at this point in the history

  9. update README for new csp configuration

    Thomas Koch committed Oct 24, 2014
    Configuration menu
    Copy the full SHA
    b755005 View commit details
    Browse the repository at this point in the history

Commits on Oct 30, 2014

  1. fix coding style issues 

    I ran phpcs with standard PSR2 and fixed all issues introduced by me or in
files touched by me. There are however still many issues in other files.
I also fixed the issues outlined in the line comments in my first PR.
    Thomas Koch committed Oct 30, 2014
    Configuration menu
    Copy the full SHA
    cccd809 View commit details
    Browse the repository at this point in the history