Name: csp
Owner: Middlewares
Description: PSR-15 middleware to add the Content-Security-Policy header to the response
Created: 2016-10-09 09:23:09.0
Updated: 2018-02-27 15:56:08.0
Pushed: 2018-01-26 23:29:31.0
Homepage: null
Size: 30
Language: PHP
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
Middleware to add the Content-Security-Policy header to the response using paragonie/csp-builder library. It can also handle the CSP error reports using a Psr log implementation.
This package is installable and autoloadable via Composer as middlewares/csp.
oser require middlewares/csp
ParagonIE\CSPBuilder\CSPBuilder;
= CSPBuilder::fromFile('/path/to/source.json');
patcher = new Dispatcher([
new Middlewares\Csp($csp)
ponse = $dispatcher->dispatch(new ServerRequest());
__construct(ParagonIE\CSPBuilder\CSPBuilder $builder = null)
Set the CSP header builder. See paragonie/csp-builder for more info. If it's not provided, create a generic one with restrictive directives.
report(string $path, Psr\Log\LoggerInterface $log)
Configure the report-uri
and the logger used to store the CSP reports send by the browser. Example:
Monolog\Logger;
Monolog\Handler\StreamHandler;
ParagonIE\CSPBuilder\CSPBuilder;
eate the logger
ger = new Logger('csp');
ger->pushHandler(new StreamHandler(fopen('/csp-reports.txt', 'r+')));
eate the csp config
= CSPBuilder::fromFile('/path/to/source.json');
patcher = new Dispatcher([
(new Middlewares\Csp($csp))->report('/csp-report', $logger)
ponse = $dispatcher->dispatch(new ServerRequest());
createFromFile(string $path)
Shortcut to create instances using a json file:
patcher = new Dispatcher([
Middlewares\Csp::createFromFile(__DIR__.'/csp-config.json')
createFromData(array $data)
Shortcut to create instances using an array with data:
patcher = new Dispatcher([
Middlewares\Csp::createFromData([
'script-src' => ['self' => true],
'object-src' => ['self' => true],
'frame-ancestors' => ['self' => true],
])
Please see CHANGELOG for more information about recent changes and CONTRIBUTING for contributing details.
The MIT License (MIT). Please see LICENSE for more information.