1*6cda96e3SAndreas Gohr<?php 2*6cda96e3SAndreas Gohr 3*6cda96e3SAndreas Gohrnamespace dokuwiki\HTTP; 4*6cda96e3SAndreas Gohr 5*6cda96e3SAndreas Gohr/** 6*6cda96e3SAndreas Gohr * Utilities to send HTTP Headers 7*6cda96e3SAndreas Gohr */ 8*6cda96e3SAndreas Gohrclass Headers 9*6cda96e3SAndreas Gohr{ 10*6cda96e3SAndreas Gohr /** 11*6cda96e3SAndreas Gohr * Send a Content-Security-Polica Header 12*6cda96e3SAndreas Gohr * 13*6cda96e3SAndreas Gohr * Expects an associative array with individual policies and their values 14*6cda96e3SAndreas Gohr * 15*6cda96e3SAndreas Gohr * @param array $policy 16*6cda96e3SAndreas Gohr */ 17*6cda96e3SAndreas Gohr static public function contentSecurityPolicy($policy) 18*6cda96e3SAndreas Gohr { 19*6cda96e3SAndreas Gohr foreach ($policy as $key => $values) { 20*6cda96e3SAndreas Gohr // if the value is not an array, we also accept newline terminated strings 21*6cda96e3SAndreas Gohr if (!is_array($values)) $values = explode("\n", $values); 22*6cda96e3SAndreas Gohr $values = array_map('trim', $values); 23*6cda96e3SAndreas Gohr $values = array_unique($values); 24*6cda96e3SAndreas Gohr $values = array_filter($values); 25*6cda96e3SAndreas Gohr $policy[$key] = $values; 26*6cda96e3SAndreas Gohr } 27*6cda96e3SAndreas Gohr 28*6cda96e3SAndreas Gohr $cspheader = 'Content-Security-Policy:'; 29*6cda96e3SAndreas Gohr foreach ($policy as $key => $values) { 30*6cda96e3SAndreas Gohr if ($values) { 31*6cda96e3SAndreas Gohr $cspheader .= " $key " . join(' ', $values) . ';'; 32*6cda96e3SAndreas Gohr } else { 33*6cda96e3SAndreas Gohr $cspheader .= " $key;"; 34*6cda96e3SAndreas Gohr } 35*6cda96e3SAndreas Gohr } 36*6cda96e3SAndreas Gohr 37*6cda96e3SAndreas Gohr header($cspheader); 38*6cda96e3SAndreas Gohr } 39*6cda96e3SAndreas Gohr} 40