leviathonbeast/php-flasher
1
0
Fork 0
mirror of https://github.com/php-flasher/php-flasher.git synced 2026-03-31 15:07:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update ContentSecurityPolicy handling and ResponseExtension

Browse Source
This commit is contained in:
Younes ENNAJI
2026-03-02 03:27:04 +00:00
parent f399bc912d
commit 286fe5143e
3 changed files with 24 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/Prime/Http/Csp/ContentSecurityPolicyHandler.php
+10 -2
View File
@@ -44,6 +44,11 @@ final class ContentSecurityPolicyHandler implements ContentSecurityPolicyHandler
$this->cspDisabled = true;
}
public function reset(): void
{
$this->cspDisabled = false;
}
public function updateResponseHeaders(RequestInterface $request, ResponseInterface $response): array
{
if ($this->cspDisabled) {
@@ -168,10 +173,13 @@ final class ContentSecurityPolicyHandler implements ContentSecurityPolicyHandler
$directives = [];
foreach (explode(';', $header ?: '') as $directive) {
$parts = explode(' ', trim($directive));
if (\count($parts) < 1) { // @phpstan-ignore-line
$directive = trim($directive);
if ('' === $directive) {
continue;
}
$parts = explode(' ', $directive);
$name = array_shift($parts);
$directives[$name] = $parts;
}
src/Prime/Http/Csp/ContentSecurityPolicyHandlerInterface.php
+5
View File
@@ -20,4 +20,9 @@ interface ContentSecurityPolicyHandlerInterface
* @return array{csp_script_nonce?: ?string, csp_style_nonce?: ?string}
*/
public function updateResponseHeaders(RequestInterface $request, ResponseInterface $response): array;
/**
* Reset the handler state for long-running processes (Octane, FrankenPHP, etc.).
*/
public function reset(): void;
}
src/Prime/Http/ResponseExtension.php
+9 -1
View File
@@ -94,7 +94,15 @@ final readonly class ResponseExtension implements ResponseExtensionInterface
$url = $request->getUri();
foreach ($this->excludedPaths as $regexPattern) {
if (preg_match($regexPattern, $url)) {
$result = @preg_match($regexPattern, $url);
if (false === $result) {
trigger_error(\sprintf('Invalid regex pattern "%s" in excluded_paths configuration', $regexPattern), \E_USER_WARNING);
continue;
}
if (1 === $result) {
return true;
}
}