Method |
Description |
|
__construct ( array $policy = [] ) |
|
|
addDirective ( string $key, mixed $value = null ) : self |
Add a directive if it doesn't already exist |
|
addSource ( string $directive, string $path ) : self |
Add a source to our allow white-list |
|
allowPluginType ( string $mime = 'text/plain' ) : self |
Add a plugin type to be added |
|
compile ( ) : string |
Compile the current policies into a CSP header |
|
disableOldBrowserSupport ( ) : self |
Disable old browser support (e.g. Safari) |
|
enableOldBrowserSupport ( ) : self |
Enable old browser support (e.g. Safari) |
|
fromData ( string $data = '' ) : self |
Factory method - create a new CSPBuilder object from a JSON data |
|
fromFile ( string $filename = '' ) : self |
Factory method - create a new CSPBuilder object from a JSON file |
|
getCompiledHeader ( ) : string |
Get the formatted CSP header |
|
getHeaderArray ( boolean $legacy = true ) : array |
Get an associative array of headers to return. |
|
hash ( string $directive = 'script-src', string $script = '', string $algorithm = 'sha384' ) : self |
Add a new hash to the existing CSP |
|
injectCSPHeader ( Psr\Http\Message\MessageInterface $message, boolean $legacy = false ) : Psr\Http\Message\MessageInterface |
PSR-7 header injection |
|
nonce ( string $directive = 'script-src', string $nonce = '' ) : string |
Add a new nonce to the existing CSP |
|
preHash ( string $directive = 'script-src', string $hash = '', string $algorithm = 'sha384' ) : self |
Add a new (pre-calculated) base64-encoded hash to the existing CSP |
|
saveSnippet ( string $outputFile, string $format = self::FORMAT_NGINX ) : boolean |
Save CSP to a snippet file |
|
sendCSPHeader ( boolean $legacy = true ) : boolean |
Send the compiled CSP as a header() |
|
setDirective ( string $key, mixed $value = null ) : self |
Set a directive |
|