CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
updateResponseHeaders example
if (!$event->isMainRequest()) {
return;
}
$nonces = [];
if ($this->cspHandler) {
if ($this->dumpDataCollector?->getDumpsCount() > 0) {
$this->cspHandler->disableCsp();
}
$nonces = $this->cspHandler->updateResponseHeaders($request, $response);
}
// do not capture redirects or modify XML HTTP Requests if ($request->isXmlHttpRequest()) {
return;
}
if ($response->headers->has('X-Debug-Token') && $response->isRedirect() && $this->interceptRedirects && 'html' === $request->getRequestFormat()) {
if ($request->hasSession() && ($session = $request->getSession())->isStarted() && $session->getFlashBag() instanceof AutoExpireFlashBag) {
// keep current flashes for one more request if using AutoExpireFlashBag $session->getFlashBag()->setAll($session->getFlashBag()->peekAll());
}
return;
}
$nonces = [];
if ($this->cspHandler) {
if ($this->dumpDataCollector?->getDumpsCount() > 0) {
$this->cspHandler->disableCsp();
}
$nonces = $this->cspHandler->updateResponseHeaders($request, $response);
}
// do not capture redirects or modify XML HTTP Requests if ($request->isXmlHttpRequest()) {
return;
}
if ($response->headers->has('X-Debug-Token') && $response->isRedirect() && $this->interceptRedirects && 'html' === $request->getRequestFormat()) {
if ($request->hasSession() && ($session = $request->getSession())->isStarted() && $session->getFlashBag() instanceof AutoExpireFlashBag) {
// keep current flashes for one more request if using AutoExpireFlashBag $session->getFlashBag()->setAll($session->getFlashBag()->peekAll());
}
$this->assertSame($expectedNonce, $cspHandler->getNonces($request, $response));
}
/** * @dataProvider provideRequestAndResponsesForOnKernelResponse */
public function testOnKernelResponse($nonce, $expectedNonce, Request $request, Response $response, array $expectedCsp)
{
$cspHandler = new ContentSecurityPolicyHandler($this->mockNonceGenerator($nonce));
$this->assertSame($expectedNonce, $cspHandler->updateResponseHeaders($request, $response));
$this->assertFalse($response->headers->has('X-SymfonyProfiler-Script-Nonce'));
$this->assertFalse($response->headers->has('X-SymfonyProfiler-Style-Nonce'));
foreach ($expectedCsp as $header => $value) {
$this->assertSame($value, $response->headers->get($header), $header);
}
}
public static function provideRequestAndResponses()
{
}
/** * @dataProvider provideRequestAndResponsesForOnKernelResponse */
public function testOnKernelResponse($nonce, $expectedNonce, Request $request, Response $response, array $expectedCsp)
{
$cspHandler = new ContentSecurityPolicyHandler($this->mockNonceGenerator($nonce));
$this->assertSame($expectedNonce, $cspHandler->updateResponseHeaders($request, $response));
$this->assertFalse($response->headers->has('X-SymfonyProfiler-Script-Nonce'));
$this->assertFalse($response->headers->has('X-SymfonyProfiler-Style-Nonce'));
foreach ($expectedCsp as $header => $value) {
$this->assertSame($value, $response->headers->get($header), $header);
}
}
public static function provideRequestAndResponses()
{