1*4e3e87e4SAndreas Gohr<?php 2*4e3e87e4SAndreas Gohr 3*4e3e87e4SAndreas Gohrnamespace dokuwiki\plugin\upgrade\HTTP; 4*4e3e87e4SAndreas Gohr 5*4e3e87e4SAndreas Gohr/** 6*4e3e87e4SAndreas Gohr * Utilities to send HTTP Headers 7*4e3e87e4SAndreas Gohr */ 8*4e3e87e4SAndreas Gohrclass Headers 9*4e3e87e4SAndreas Gohr{ 10*4e3e87e4SAndreas Gohr /** 11*4e3e87e4SAndreas Gohr * Send a Content-Security-Polica Header 12*4e3e87e4SAndreas Gohr * 13*4e3e87e4SAndreas Gohr * Expects an associative array with individual policies and their values 14*4e3e87e4SAndreas Gohr * 15*4e3e87e4SAndreas Gohr * @param array $policy 16*4e3e87e4SAndreas Gohr */ 17*4e3e87e4SAndreas Gohr static public function contentSecurityPolicy($policy) 18*4e3e87e4SAndreas Gohr { 19*4e3e87e4SAndreas Gohr foreach ($policy as $key => $values) { 20*4e3e87e4SAndreas Gohr // if the value is not an array, we also accept newline terminated strings 21*4e3e87e4SAndreas Gohr if (!is_array($values)) $values = explode("\n", $values); 22*4e3e87e4SAndreas Gohr $values = array_map('trim', $values); 23*4e3e87e4SAndreas Gohr $values = array_unique($values); 24*4e3e87e4SAndreas Gohr $values = array_filter($values); 25*4e3e87e4SAndreas Gohr $policy[$key] = $values; 26*4e3e87e4SAndreas Gohr } 27*4e3e87e4SAndreas Gohr 28*4e3e87e4SAndreas Gohr $cspheader = 'Content-Security-Policy:'; 29*4e3e87e4SAndreas Gohr foreach ($policy as $key => $values) { 30*4e3e87e4SAndreas Gohr if ($values) { 31*4e3e87e4SAndreas Gohr $cspheader .= " $key " . join(' ', $values) . ';'; 32*4e3e87e4SAndreas Gohr } else { 33*4e3e87e4SAndreas Gohr $cspheader .= " $key;"; 34*4e3e87e4SAndreas Gohr } 35*4e3e87e4SAndreas Gohr } 36*4e3e87e4SAndreas Gohr 37*4e3e87e4SAndreas Gohr header($cspheader); 38*4e3e87e4SAndreas Gohr } 39*4e3e87e4SAndreas Gohr} 40