ContentSecurityPolicyReportOnly
extends ContentSecurityPolicy
in package
Content Security Policy Level 3 Header
Tags
Table of Contents
Properties
- $directives : array<string|int, mixed>
- The directives defined for this policy
- $validDirectiveNames : array<string|int, mixed>
- Valid directive names
Methods
- fromString() : static
- Create Content Security Policy header from a given header line
- getDirectives() : array<string|int, mixed>
- Get the list of defined directives
- getFieldName() : string
- Get the header name
- getFieldValue() : string
- Get the header value
- setDirective() : $this
- Sets the directive to consist of the source list
- toString() : string
- Return the header as a string
- toStringMultipleHeaders() : string
Properties
$directives
The directives defined for this policy
protected
array<string|int, mixed>
$directives
= []
$validDirectiveNames
Valid directive names
protected
array<string|int, mixed>
$validDirectiveNames
= [
// As per http://www.w3.org/TR/CSP/#directives
// Fetch directives
'child-src',
'connect-src',
'default-src',
'font-src',
'frame-src',
'img-src',
'manifest-src',
'media-src',
'object-src',
'prefetch-src',
'script-src',
'script-src-elem',
'script-src-attr',
'style-src',
'style-src-elem',
'style-src-attr',
'worker-src',
// Document directives
'base-uri',
'plugin-types',
'sandbox',
// Navigation directives
'form-action',
'frame-ancestors',
'navigate-to',
// Reporting directives
'report-uri',
'report-to',
// Other directives
'block-all-mixed-content',
'require-sri-for',
'require-trusted-types-for',
'trusted-types',
'upgrade-insecure-requests',
]
Methods
fromString()
Create Content Security Policy header from a given header line
public
static fromString(string $headerLine) : static
Parameters
- $headerLine : string
-
The header line to parse.
Tags
Return values
staticgetDirectives()
Get the list of defined directives
public
getDirectives() : array<string|int, mixed>
Return values
array<string|int, mixed>getFieldName()
Get the header name
public
getFieldName() : string
Return values
stringgetFieldValue()
Get the header value
public
getFieldValue() : string
Return values
stringsetDirective()
Sets the directive to consist of the source list
public
setDirective(string $name, array<string|int, mixed> $sources) : $this
Reverses http://www.w3.org/TR/CSP/#parsing-1
Parameters
- $name : string
-
The directive name.
- $sources : array<string|int, mixed>
-
The source list.
Tags
Return values
$thistoString()
Return the header as a string
public
toString() : string
Return values
stringtoStringMultipleHeaders()
public
toStringMultipleHeaders(array<string|int, mixed> $headers) : string
Parameters
- $headers : array<string|int, mixed>