ubiquity/_content_security_8php_source.html

<?php

namespace Ubiquity\security\csp;


use Ubiquity\controllers\Startup;

use Ubiquity\utils\http\UResponse;


class ContentSecurity {


    const HEADER = 'Content-Security-Policy';


    const DEBUG_HEADER = 'Content-Security-Policy-Report-Only';


    private array $policies = [];


    private $header = self::HEADER;


    public function __construct(?bool $reportOnly = null) {

        if (isset($reportOnly)) {

            $this->reportOnly($reportOnly);

        }

    }


    public function addPolicy(string $directive, string ...$values): self {

        $policies = $this->policies[$directive] ?? [];

        foreach ($values as $v) {

            if (\in_array($v, CspValues::QUOTED)) {

                $v = "'$v'";

            }

            $policies[$v] = true;

        }

        $this->policies[$directive] = $policies;

        return $this;

    }


    public function removePolicy(string $directive, string ...$values): self {

        $policies = $this->policies[$directive] ?? [];

        foreach ($values as $v) {

            if (\in_array($v, CspValues::QUOTED)) {

                $v = "'$v'";

            }

            if (isset($this->policies[$directive][$v])) {

                unset($this->policies[$directive][$v]);

            }

        }

        return $this;

    }


    public function addPolicyDefault(string $directive, string ...$values): self {

        $default = \array_keys($this->policies[CspDirectives::DEFAULT_SRC] ?? []);

        $values = \array_merge($default, $values);

        $this->addPolicy($directive, ...$values);

        return $this;

    }


    public function addNonce(string $nonce, string ...$directives): self {

        foreach ($directives as $directive) {

            $this->addPolicy($directive, "'nonce-$nonce'", CspValues::STRICT_DYNAMIC);

        }

        return $this;

    }


    public function addHash(string $hash, string ...$directives): self {

        foreach ($directives as $directive) {

            $this->addPolicy($directive, "'$hash'");

        }

        return $this;

    }


    public function addNonceDefault(string $nonce, string ...$directives): self {

        foreach ($directives as $directive) {

            $this->addPolicyDefault($directive, "'nonce-$nonce'", CspValues::STRICT_DYNAMIC);

        }

        return $this;

    }


    public function addHashDefault(string $hash, string ...$directives): self {

        foreach ($directives as $directive) {

            $this->addPolicyDefault($directive, "'$hash'");

        }

        return $this;

    }


    public function setDefaultSrc(string ...$policies): self {

        return $this->addPolicy(CspDirectives::DEFAULT_SRC, ...$policies);

    }


    public function generate(): string {

        $strs = '';

        foreach ($this->policies as $directive => $policy) {

            $policies = \array_keys($policy);

            $strs .= $directive . ' ' . \implode(' ', $policies) . ';';

        }

        return $strs;

    }


    public function display(callable $directiveCall, callable $policyCall): string {

        $strs = '';

        foreach ($this->policies as $directive => $policy) {

            $policies = \array_keys($policy);

            $strs .= $directiveCall($directive) . $policyCall(\implode(' ', $policies));

        }

        return $strs;

    }


    public function reportOnly(?bool $reportOnly = true): self {

        if (isset($reportOnly)) {

            $this->header = $reportOnly ? self::DEBUG_HEADER : self::HEADER;

        }

        return $this;

    }


    public function addHeaderToResponse(?bool $reportOnly = null): void {

        if (isset($reportOnly)) {

            $this->reportOnly($reportOnly);

        }

        UResponse::header($this->header, $this->generate(), false);

    }


    public static function nonce($nonce, string ...$directives): ContentSecurity {

        $csp = new self();

        return $csp->addNonce($nonce, ...$directives);

    }


    public static function all(): ContentSecurity {

        $csp = new self();

        return $csp->addPolicy(CspDirectives::DEFAULT_SRC, CspValues::SELF);

    }


    public function getPolicies(): array {

        return $this->policies;

    }


    public static function defaultUbiquity(): ContentSecurity {

        $csp = new self();

        $csp->addPolicyDefault(CspDirectives::CONNECT_SRC, CspValues::SELF);

        $csp->addPolicy(CspDirectives::IMG_SRC, 'data:');

        return $csp;

    }


    public static function defaultUbiquityDebug(string $livereloadServer = '127.0.0.1:35729'): ContentSecurity {

        $csp = self::defaultUbiquity();

        $config = Startup::$config;

        if ($config['debug'] && \Ubiquity\debug\LiveReload::hasLiveReload()) {

            $csp->addPolicyDefault(CspDirectives::CONNECT_SRC, "ws://$livereloadServer");

        }

        return $csp;

    }


}


Ubiquity\controllers\Startup
Starts the framework.
Definition Startup.php:19

Ubiquity\security\csp\ContentSecurity
Creates a Content Security Policy object.
Definition ContentSecurity.php:16

Ubiquity\security\csp\ContentSecurity\all
static all()
Creates a new ContentSecurity object, with self in default-src.
Definition ContentSecurity.php:222

Ubiquity\security\csp\ContentSecurity\defaultUbiquityDebug
static defaultUbiquityDebug(string $livereloadServer='127.0.0.1:35729')
Creates a new ContentSecurity object for Ubiquity Webtools in debug mode.
Definition ContentSecurity.php:254

Ubiquity\security\csp\ContentSecurity\addHashDefault
addHashDefault(string $hash, string ... $directives)
Adds a hash to a directive, re-using default-src actual values.
Definition ContentSecurity.php:132

Ubiquity\security\csp\ContentSecurity\getPolicies
getPolicies()
Returns the actual policies.
Definition ContentSecurity.php:232

Ubiquity\security\csp\ContentSecurity\reportOnly
reportOnly(?bool $reportOnly=true)
Sets reportOnly.
Definition ContentSecurity.php:185

Ubiquity\security\csp\ContentSecurity\addNonceDefault
addNonceDefault(string $nonce, string ... $directives)
Adds a nonce to a directive, re-using default-src actual values.
Definition ContentSecurity.php:118

Ubiquity\security\csp\ContentSecurity\setDefaultSrc
setDefaultSrc(string ... $policies)
Defines the policies for default-src directive.
Definition ContentSecurity.php:145

Ubiquity\security\csp\ContentSecurity\addHeaderToResponse
addHeaderToResponse(?bool $reportOnly=null)
Adds headers to the response.
Definition ContentSecurity.php:197

Ubiquity\security\csp\ContentSecurity\$header
$header
Definition ContentSecurity.php:24

Ubiquity\security\csp\ContentSecurity\$policies
array $policies
Definition ContentSecurity.php:22

Ubiquity\security\csp\ContentSecurity\HEADER
const HEADER
Definition ContentSecurity.php:18

Ubiquity\security\csp\ContentSecurity\generate
generate()
Generates the header string.
Definition ContentSecurity.php:154

Ubiquity\security\csp\ContentSecurity\nonce
static nonce($nonce, string ... $directives)
Creates a nonce and add it to some directives.
Definition ContentSecurity.php:212

Ubiquity\security\csp\ContentSecurity\display
display(callable $directiveCall, callable $policyCall)
Display a ContentSecurity object.
Definition ContentSecurity.php:170

Ubiquity\security\csp\ContentSecurity\addPolicyDefault
addPolicyDefault(string $directive, string ... $values)
Adds new values to a directive, re-using default-src actual values.
Definition ContentSecurity.php:76

Ubiquity\security\csp\ContentSecurity\addNonce
addNonce(string $nonce, string ... $directives)
Adds a nonce to the directives.
Definition ContentSecurity.php:90

Ubiquity\security\csp\ContentSecurity\__construct
__construct(?bool $reportOnly=null)
ContentSecurity constructor.
Definition ContentSecurity.php:31

Ubiquity\security\csp\ContentSecurity\addPolicy
addPolicy(string $directive, string ... $values)
Adds new values to a directive.
Definition ContentSecurity.php:44

Ubiquity\security\csp\ContentSecurity\defaultUbiquity
static defaultUbiquity()
Creates a new ContentSecurity object for Ubiquity Webtools.
Definition ContentSecurity.php:241

Ubiquity\security\csp\ContentSecurity\removePolicy
removePolicy(string $directive, string ... $values)
Definition ContentSecurity.php:56

Ubiquity\security\csp\ContentSecurity\DEBUG_HEADER
const DEBUG_HEADER
Definition ContentSecurity.php:20

Ubiquity\security\csp\ContentSecurity\addHash
addHash(string $hash, string ... $directives)
Adds a hash to the directives.
Definition ContentSecurity.php:104

Ubiquity\security\csp\CspDirectives
Ubiquity\security\cspCspDirectives This class is part of Ubiquity.
Definition CspDirectives.php:13

Ubiquity\security\csp\CspValues\QUOTED
const QUOTED
Definition CspValues.php:30

Ubiquity\utils\http\UResponse
Http Response utilities.
Definition UResponse.php:17

Ubiquity\security\csp
Definition ContentSecurity.php:2

Ubiquity
Class Configuration \config.