16cda96e3SAndreas Gohr<?php 26cda96e3SAndreas Gohr 36cda96e3SAndreas Gohrnamespace dokuwiki\HTTP; 46cda96e3SAndreas Gohr 56cda96e3SAndreas Gohr/** 66cda96e3SAndreas Gohr * Utilities to send HTTP Headers 76cda96e3SAndreas Gohr */ 86cda96e3SAndreas Gohrclass Headers 96cda96e3SAndreas Gohr{ 106cda96e3SAndreas Gohr /** 116cda96e3SAndreas Gohr * Send a Content-Security-Polica Header 126cda96e3SAndreas Gohr * 136cda96e3SAndreas Gohr * Expects an associative array with individual policies and their values 146cda96e3SAndreas Gohr * 156cda96e3SAndreas Gohr * @param array $policy 166cda96e3SAndreas Gohr */ 17*fe15e2c0SAndreas Gohr public static function contentSecurityPolicy($policy) 186cda96e3SAndreas Gohr { 196cda96e3SAndreas Gohr foreach ($policy as $key => $values) { 206cda96e3SAndreas Gohr // if the value is not an array, we also accept newline terminated strings 216cda96e3SAndreas Gohr if (!is_array($values)) $values = explode("\n", $values); 226cda96e3SAndreas Gohr $values = array_map('trim', $values); 236cda96e3SAndreas Gohr $values = array_unique($values); 246cda96e3SAndreas Gohr $values = array_filter($values); 256cda96e3SAndreas Gohr $policy[$key] = $values; 266cda96e3SAndreas Gohr } 276cda96e3SAndreas Gohr 286cda96e3SAndreas Gohr $cspheader = 'Content-Security-Policy:'; 296cda96e3SAndreas Gohr foreach ($policy as $key => $values) { 306cda96e3SAndreas Gohr if ($values) { 31a3b08db5SAndreas Gohr $cspheader .= " $key " . implode(' ', $values) . ';'; 326cda96e3SAndreas Gohr } else { 336cda96e3SAndreas Gohr $cspheader .= " $key;"; 346cda96e3SAndreas Gohr } 356cda96e3SAndreas Gohr } 366cda96e3SAndreas Gohr 376cda96e3SAndreas Gohr header($cspheader); 386cda96e3SAndreas Gohr } 396cda96e3SAndreas Gohr} 40