-
Notifications
You must be signed in to change notification settings - Fork 40
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
PSR-7 support, or else array of headers to be returned #5
Comments
Something like this? function injectCSPHeader(\Psr\Http\Message\MessageInterface $message, $legacy = false)
{
if ($this->needsCompile) {
$this->compile();
}
// Are we doing a report-only header?
$which = $this->reportOnly
? 'Content-Security-Policy-Report-Only'
: 'Content-Security-Policy';
$message->withAddedHeader($which, $this->compiled);
if ($legacy) {
// Add deprecated headers for compatibility with old clients
$message->withAddedHeader('X-'.$which, $this->compiled);
$which = $this->reportOnly
? 'X-Webkit-CSP-Report-Only'
: 'X-Webkit-CSP';
$message->withAddedHeader($which, $this->compiled);
}
return $message;
} |
@paragonie-scott either that or simply return the array of headers Note that |
How does that look? |
@paragonie-scott looks good: is it covered by tests? |
The PSR-7 part isn't, yet. I don't really use PSR-7 anywhere directly so I'll need to find a way to add a unit test without adding a dependency to e.g. Guzzle. |
@paragonie-scott |
https://github.com/paragonie/csp-builder/blob/master/src/CSPBuilder.php#L269 This will break when it returns null. |
@paragonie-scott you can use |
Expectation failed for method name is equal to string:withHeader when invoked 2 time(s). .PHP Fatal error: Class Mock_MessageInterface_a0173770 contains 1 abstract method and must therefore be declared abstract or implement the remaining methods (Psr\Http\Message\MessageInterface::withHeader) in /mnt/share/csp-builder/vendor/phpunit/phpunit-mock-objects/src/Framework/MockObject/Generator.php(305) : eval()'d code on line 270 I've never used mocking before, and I have no idea what I'm even doing. |
@paragonie-scott I'll send a PR :-) |
…no legacy support)
…with legacy support)
@paragonie-scott see #6 |
Has this been adequately addressed in the latest release? |
Looks like this was done in |
This repo provides very useful functionality, but directly messes with global state via the
header
function.Hereby I suggest one of either:
csp-builder/src/CSPBuilder.php
Lines 323 to 330 in 8d8b993
The text was updated successfully, but these errors were encountered: