1<?php 2 3namespace dokuwiki\HTTP; 4 5/** 6 * Utilities to send HTTP Headers 7 */ 8class Headers 9{ 10 /** 11 * Send a Content-Security-Polica Header 12 * 13 * Expects an associative array with individual policies and their values 14 * 15 * @param array $policy 16 */ 17 public static function contentSecurityPolicy($policy) 18 { 19 foreach ($policy as $key => $values) { 20 // if the value is not an array, we also accept newline terminated strings 21 if (!is_array($values)) $values = explode("\n", $values); 22 $values = array_map('trim', $values); 23 $values = array_unique($values); 24 $values = array_filter($values); 25 $policy[$key] = $values; 26 } 27 28 $cspheader = 'Content-Security-Policy:'; 29 foreach ($policy as $key => $values) { 30 if ($values) { 31 $cspheader .= " $key " . implode(' ', $values) . ';'; 32 } else { 33 $cspheader .= " $key;"; 34 } 35 } 36 37 header($cspheader); 38 } 39} 40