src/aphront/response/AphrontResponse.php
| <?php | <?php | ||||
| abstract class AphrontResponse extends Phobject { | abstract class AphrontResponse extends Phobject { | ||||
| private $request; | private $request; | ||||
| private $cacheable = false; | private $cacheable = false; | ||||
| private $canCDN; | private $canCDN; | ||||
| private $responseCode = 200; | private $responseCode = 200; | ||||
| private $lastModified = null; | private $lastModified = null; | ||||
| private $contentSecurityPolicyURIs; | private $contentSecurityPolicyURIs; | ||||
| private $disableContentSecurityPolicy; | private $disableContentSecurityPolicy; | ||||
| protected $frameable; | protected $frameable; | ||||
| private $headers = array(); | |||||
| public function setRequest($request) { | public function setRequest($request) { | ||||
| $this->request = $request; | $this->request = $request; | ||||
| return $this; | return $this; | ||||
| } | } | ||||
| public function getRequest() { | public function getRequest() { | ||||
| return $this->request; | return $this->request; | ||||
| Show All 22 Lines | final public function addContentSecurityPolicyURI($kind, $uri) { | ||||
| return $this; | return $this; | ||||
| } | } | ||||
| final public function setDisableContentSecurityPolicy($disable) { | final public function setDisableContentSecurityPolicy($disable) { | ||||
| $this->disableContentSecurityPolicy = $disable; | $this->disableContentSecurityPolicy = $disable; | ||||
| return $this; | return $this; | ||||
| } | } | ||||
| final public function addHeader($key, $value) { | |||||
| $this->headers[] = array($key, $value); | |||||
| return $this; | |||||
| } | |||||
| /* -( Content )------------------------------------------------------------ */ | /* -( Content )------------------------------------------------------------ */ | ||||
| public function getContentIterator() { | public function getContentIterator() { | ||||
| // By default, make sure responses are truly returning a string, not some | // By default, make sure responses are truly returning a string, not some | ||||
| // kind of object that behaves like a string. | // kind of object that behaves like a string. | ||||
| Show All 40 Lines | public function getHeaders() { | ||||
| $csp = $this->newContentSecurityPolicyHeader(); | $csp = $this->newContentSecurityPolicyHeader(); | ||||
| if ($csp !== null) { | if ($csp !== null) { | ||||
| $headers[] = array('Content-Security-Policy', $csp); | $headers[] = array('Content-Security-Policy', $csp); | ||||
| } | } | ||||
| $headers[] = array('Referrer-Policy', 'no-referrer'); | $headers[] = array('Referrer-Policy', 'no-referrer'); | ||||
| foreach ($this->headers as $header) { | |||||
| $headers[] = $header; | |||||
| } | |||||
| return $headers; | return $headers; | ||||
| } | } | ||||
| private function newContentSecurityPolicyHeader() { | private function newContentSecurityPolicyHeader() { | ||||
| if ($this->disableContentSecurityPolicy) { | if ($this->disableContentSecurityPolicy) { | ||||
| return null; | return null; | ||||
| } | } | ||||
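Review bot: addHeader() stores `$key` and `$value` unchecked, and the loop in getHeaders() appends them after the built-in `Content-Security-Policy` and `Referrer-Policy` entries, so a caller can emit a second header under a name this class manages, or pass text containing CR/LF. This reading assumes the one-column lines (the `$headers` property, addHeader() and the `foreach`) are additions, which the rendering does not make certain. Whether the downstream sink replaces or appends same-named headers, and whether it rejects line breaks, is not visible here; if it appends, a later `Referrer-Policy` value could take precedence over `no-referrer`. I would validate at the setter, for example `if (preg_match('/[\r\n]/', $key.$value)) { throw new Exception(pht('Header name and value must not contain newlines.')); }`, and refuse or document names already set in getHeaders(). A short docblock on addHeader() stating that values must be trusted, already-encoded header text would also help, since most of getHeaders() is collapsed in this view.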