Source of file SRIBuilder.php
Size: 2,358 Bytes - Last Modified: 2021-12-24T06:47:22+00:00
/var/www/docs.ssmods.com/process/src/src/Builders/SRIBuilder.php
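<?php

namespace Firesphere\CSPHeaders\Builders;

use Exception;
use Firesphere\CSPHeaders\Extensions\ControllerCSPExtension;
use Firesphere\CSPHeaders\Models\SRI;
use Firesphere\CSPHeaders\View\CSPBackend;
use SilverStripe\Control\Controller;
use SilverStripe\Control\Director;
use SilverStripe\Core\Config\Configurable;
use SilverStripe\ORM\ValidationException;
use SilverStripe\Security\Security;

/**
 * Builds the `integrity` and `crossorigin` HTML attributes for a script or
 * stylesheet tag from the stored SRI record of that file.
 */
class SRIBuilder
{
    use Configurable;

    /**
     * An array of javascript or css files to skip applying SRI to.
     * Files only need to start with the configured value, e.g. if this array contains
     * 'https://example.com' then all scripts from that site will be skipped.
     *
     * The comparison is a plain string-prefix match, not a host comparison, so
     * 'https://example.com' also exempts 'https://example.com.other.test/app.js'.
     * End each entry with a '/' (e.g. 'https://example.com/') to exempt only the
     * intended origin. Empty or null entries are ignored.
     *
     * @var array
     */
    private static $skip_domains = [];

    /**
     * Add SRI attributes for $file to the given HTML attributes.
     *
     * The attributes are returned unchanged when $file starts with one of the
     * configured `skip_domains` prefixes, when no hash is stored for the file,
     * or when the site is not live and the CSP cookie check does not pass.
     *
     * @param string $file URL or path of the script/stylesheet, as passed by the caller
     * @param array $htmlAttributes Attributes collected so far for the tag
     * @return array The attributes, with `integrity` and `crossorigin` added when applicable
     * @throws ValidationException
     * @throws Exception
     */
    public function buildSRI($file, array $htmlAttributes): array
    {
        $skipFiles = $this->config()->get('skip_domains') ?? [];
        foreach ($skipFiles as $filename) {
            // An empty prefix matches every file on PHP 8, so one blank config
            // entry would silently switch SRI off for the whole site.
            if ($filename === null || $filename === '') {
                continue;
            }
            if (strpos($file, $filename) === 0) {
                return $htmlAttributes;
            }
        }

        // If an update is needed, set the SRI to null
        // NOTE(review): presumably the SRI model recomputes the hash from the
        // file's current content afterwards; confirm in Models\SRI. If so, a
        // reset re-trusts whatever the file contains at that moment.
        $sri = SRI::findOrCreate($file);
        if ($this->shouldUpdateSRI()) {
            $sri->SRI = null;
            $sri->forceChange();
            $sri->write();
        }

        $request = Controller::curr()->getRequest();
        $cookieSet = ControllerCSPExtension::checkCookie($request);

        // Don't write integrity in dev, it's breaking build scripts
        if ($sri->SRI && (Director::isLive() || $cookieSet)) {
            $htmlAttributes['integrity'] = sprintf('%s-%s', CSPBackend::SHA384, $sri->SRI);
            // Same-site files get an empty crossorigin attribute, everything else 'anonymous'
            $htmlAttributes['crossorigin'] = Director::is_site_url($file) ? '' : 'anonymous';
        }

        return $htmlAttributes;
    }

    /**
     * Decide whether the stored hash must be reset for this request.
     *
     * True only when the `updatesri` GET variable is set and either the current
     * user is in the 'administrators' group or the site runs in dev mode.
     *
     * NOTE(review): the reset is a database write triggered by a GET parameter,
     * and no CSRF token check is visible here. A logged-in administrator who
     * opens any URL carrying `updatesri` resets the hash of every file passed to
     * buildSRI() during that request, and in dev mode any visitor can do the
     * same. Consider requiring a SecurityToken or a non-GET request, and keep
     * dev mode off on reachable hosts.
     *
     * @return bool
     */
    private function shouldUpdateSRI(): bool
    {
        // Is updateSRI requested?
        if (!Controller::curr()->getRequest()->getVar('updatesri')) {
            return false;
        }

        // Does the user have the powers
        $member = Security::getCurrentUser();
        if ($member && $member->inGroup('administrators')) {
            return true;
        }

        // OR the site is in dev mode
        return (bool) Director::isDev();
    }
}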