Documentation

CSP

Adds functions for adding and removinng CSP

Table of Contents

$csp  : array<, mixed>
$nocsp  : array<, mixed>
addCSP()  : void
Add an item for use in a CSP header - could be 'unsafe-inline', a domain or other stuff
removeCSP()  : void
Remove an item from a CSP header - could be 'unsafe-inline', a domain or other stuff
saveCSP()  : string
compute, save and return a hash for use in a CSP header
setCSP()  : void
Set up default CSP headers for a page

Properties

$csp

private array<, mixed> $csp = []

Holds values that need to be added to CSP headers.

$nocsp

private array<, mixed> $nocsp = []

Holds values that need to be removed from CSP headers.

Methods

addCSP()

Add an item for use in a CSP header - could be 'unsafe-inline', a domain or other stuff

public addCSP( $type[, string $host = '' ]) : void
Parameters
$type :

What the item is for (script-src, style-src etc.)

$host : string = ''

The host to add

Return values
void

removeCSP()

Remove an item from a CSP header - could be 'unsafe-inline', a domain or other stuff

public removeCSP( $type[, string $host = '' ]) : void
Parameters
$type :

What the item is for (script-src, style-src etc.)

$host : string = ''

The item to remove

Tags
psalm-suppress

PossiblyUnusedMethod

Return values
void

saveCSP()

compute, save and return a hash for use in a CSP header

public saveCSP(string $type, string $data) : string
Parameters
$type : string

What the hash is for (script-src, css-src etc.)

$data : string

The data to be hashed

Tags
psalm-suppress

PossiblyUnusedMethod

Return values
string

Returns the hash

setCSP()

Set up default CSP headers for a page

public setCSP() : void

There will be a basic set of default CSP permissions for the site to function, but individual pages may wish to extend or restrict these.

Tags
psalm-suppress

PossiblyUnusedMethod

Return values
void

Search results