‪TYPO3CMS  10.4
Public Member Functions | Protected Member Functions | Protected Attributes | List of all members
TYPO3\CMS\Install\SystemEnvironment\ServerResponse\ContentSecurityPolicyHeader Class Reference

Public Member Functions

 __construct (string $header)
 
 isEmpty ()
 
 mitigatesCrossSiteScripting ()
 

Protected Member Functions

 directiveMitigatesCrossSiteScripting (ContentSecurityPolicyDirective $directive)
 

Protected Attributes

const HEADER_PATTERN = '#(?<directive>default-src|script-src|style-src|object-src)\h+(?<rule>[^;]+)(?:\s*;\s*|$)#'
 
ContentSecurityPolicyDirective[] $directives = array( )
 

Detailed Description

Evaluates a Content-Security-Policy HTTP header.

should only be used from within TYPO3 Core

Definition at line 25 of file ContentSecurityPolicyHeader.php.

Constructor & Destructor Documentation

◆ __construct()

TYPO3\CMS\Install\SystemEnvironment\ServerResponse\ContentSecurityPolicyHeader::__construct ( string  $header)

Definition at line 33 of file ContentSecurityPolicyHeader.php.

Member Function Documentation

◆ directiveMitigatesCrossSiteScripting()

TYPO3\CMS\Install\SystemEnvironment\ServerResponse\ContentSecurityPolicyHeader::directiveMitigatesCrossSiteScripting ( ContentSecurityPolicyDirective  $directive)
protected

Definition at line 69 of file ContentSecurityPolicyHeader.php.

References TYPO3\CMS\Install\SystemEnvironment\ServerResponse\ContentSecurityPolicyDirective\hasInstructions().

Referenced by TYPO3\CMS\Install\SystemEnvironment\ServerResponse\ContentSecurityPolicyHeader\mitigatesCrossSiteScripting().

◆ isEmpty()

TYPO3\CMS\Install\SystemEnvironment\ServerResponse\ContentSecurityPolicyHeader::isEmpty ( )

Definition at line 45 of file ContentSecurityPolicyHeader.php.

◆ mitigatesCrossSiteScripting()

TYPO3\CMS\Install\SystemEnvironment\ServerResponse\ContentSecurityPolicyHeader::mitigatesCrossSiteScripting ( )

Definition at line 50 of file ContentSecurityPolicyHeader.php.

References TYPO3\CMS\Install\SystemEnvironment\ServerResponse\ContentSecurityPolicyHeader\directiveMitigatesCrossSiteScripting().

Member Data Documentation

◆ $directives

ContentSecurityPolicyDirective [] TYPO3\CMS\Install\SystemEnvironment\ServerResponse\ContentSecurityPolicyHeader::$directives = array( )
protected

Definition at line 31 of file ContentSecurityPolicyHeader.php.

◆ HEADER_PATTERN

const TYPO3\CMS\Install\SystemEnvironment\ServerResponse\ContentSecurityPolicyHeader::HEADER_PATTERN = '#(?<directive>default-src|script-src|style-src|object-src)\h+(?<rule>[^;]+)(?:\s*;\s*|$)#'
protected

Definition at line 27 of file ContentSecurityPolicyHeader.php.