Source of file SecurityHeaderControllerExtension.php
Size: 1,518 Bytes - Last Modified: 2021-12-24T06:50:36+00:00
/var/www/docs.ssmods.com/process/src/code/SecurityHeaderControllerExtension.php
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960 | <?php namespace Guttmann\SilverStripe; use Config; use Extension; class SecurityHeaderControllerExtension extends Extension { public function onAfterInit() { $response = $this->owner->getResponse(); $headersToSend = (array) Config::inst()->get('Guttmann\SilverStripe\SecurityHeaderControllerExtension', 'headers'); $xHeaderMap = (array) Config::inst()->get('Guttmann\SilverStripe\SecurityHeaderControllerExtension', 'x_headers_map'); foreach ($headersToSend as $header => $value) { if ($header === 'Content-Security-Policy' && !$this->browserHasWorkingCSPImplementation()) { continue; } $response->addHeader($header, $value); if (isset($xHeaderMap[$header])) { foreach ($xHeaderMap[$header] as $xHeader) { $response->addHeader($xHeader, $value); } } } } private function browserHasWorkingCSPImplementation() { $agent = strtolower( $this->owner->getRequest()->getHeader('User-Agent') ); if (strpos($agent, 'safari') === false) { return true; } $split = explode('version/', $agent); if (!isset($split[1])) { return true; } $version = trim($split[1]); $versions = explode('.', $version); if (isset($versions[0]) && $versions[0] <= 5) { return false; } return true; } } |