1<?php
2
3namespace dokuwiki\HTTP;
4
5/**
6 * Utilities to send HTTP Headers
7 */
8class Headers
9{
10    /**
11     * Send a Content-Security-Polica Header
12     *
13     * Expects an associative array with individual policies and their values
14     *
15     * @param array $policy
16     */
17    public static function contentSecurityPolicy($policy)
18    {
19        foreach ($policy as $key => $values) {
20            // if the value is not an array, we also accept newline terminated strings
21            if (!is_array($values)) $values = explode("\n", $values);
22            $values = array_map('trim', $values);
23            $values = array_unique($values);
24            $values = array_filter($values);
25            $policy[$key] = $values;
26        }
27
28        $cspheader = 'Content-Security-Policy:';
29        foreach ($policy as $key => $values) {
30            if ($values) {
31                $cspheader .= " $key " . implode(' ', $values) . ';';
32            } else {
33                $cspheader .= " $key;";
34            }
35        }
36
37        header($cspheader);
38    }
39}
40