Programming Language PHP
Namespace Nelmio\SecurityBundle\ContentSecurityPolicy
Class DirectiveSet
Total Examples 1
1 code examples of PHP Nelmio\SecurityBundle\ContentSecurityPolicy\DirectiveSet extracted from open source projects
private function addReportOrEnforceNode(string $reportOrEnforce): ArrayNodeDefinition
{
$builder = new TreeBuilder($reportOrEnforce);
$node = $builder->getRootNode();
$children = $node->children();
// Symfony should not normalize dashes to underlines, e.g. img-src to img_src
$node->normalizeKeys(false);
$children
->booleanNode('level1_fallback')
->info('Provides CSP Level 1 fallback when using hash or nonce (CSP level 2) by adding \'unsafe-inline\' source. See https://www.w3.org/TR/CSP2/#directive-script-src and https://www.w3.org/TR/CSP2/#directive-style-src')
->defaultValue(true)
->end();
$children
->arrayNode('browser_adaptive')
->canBeEnabled()
->info('Do not send directives that browser do not support')
->addDefaultsIfNotSet()
->children()
->scalarNode('parser')
->defaultValue('nelmio_security.ua_parser.ua_php')
->end()
->end()
->end();
foreach (DirectiveSet::getNames() as $name => $type) {
if (DirectiveSet::TYPE_NO_VALUE === $type) {
$children
->booleanNode($name)
->defaultFalse()
->end();
} elseif ('report-uri' === $name) {
$children
->arrayNode($name)
->scalarPrototype()->end()
->beforeNormalization()
->ifString()
->then(static function (string $value): array { return [$value]; })
->end()
->end();
} elseif (DirectiveSet::TYPE_URI_REFERENCE === $type) {
$children->scalarNode($name)
->end();
} else {
$children->arrayNode($name)
->scalarPrototype()
->end();
}
}
return $children->end();
}