kronos/csp

A Content-Security-Policy header builder

Monday, February 5, 2018
by nvanheuverzwijn
Repository
12 Watchers
0 Stars
1,968 Installations

PHP
0 Dependents
0 Suggesters
0 Forks
0 Open issues
5 Versions
9 % Grown

The README.md

kronos-csp

A PHP Content-Security-Policy header generator library., _(*1)

Usage

Using the `Builder`:


$factory = new \Kronos\ContentSecurityPolicy\Factory();
$builder = $factory->createContentSecurityPolicyBuilder(); 

$builder->setDefaultSrc(\Kronos\ContentSecurityPolicy\Policy::FETCH_NONE);

$policy = $builder->getContentSecurityPolicy();

header($policy->getHeader());

Using the `PolicyDirectorInterface`:

Director class:, _(*2)


use Kronos\ContentSecurityPolicy\Factory;
use Kronos\ContentSecurityPolicy\Policy;
use Kronos\ContentSecurityPolicy\PolicyDirectorInterface;

class Director implements PolicyDirectorInterface
{

    /** @var Factory */
    protected $factory;

    ...

    /**
     * @param Factory $factory
     * ...
     */
    public function __construct(Factory $factory, ...)
    {
        $this->factory = $factory;
        ...
    }

    public function buildContentSecurityPolicy()
    {
        $builder = $this->factory->createContentSecurityPolicyBuilder();

        $builder->setDefaultSrc([Policy::FETCH_NONE]);
        $builder->setObjectSrc([Policy::FETCH_NONE]);
        $builder->setStyleSrc([
            'mysite.example/css',
            'fonts.googleapis.com',
            'fonts.gstatic.com',
            Policy::FETCH_UNSAFE_INLINE
        ]);
        $builder->setFontSrc([
            'mysite.example/fonts',
            'fonts.googleapis.com',
            Policy::FETCH_UNSAFE_INLINE
        ]);
        $builder->setFrameAncestors([Policy::FETCH_NONE]);

        $builder->setReportUri('mysite.example/api/csp-report/');
        $builder->setReportOnly();

        return $builder->getContentSecurityPolicy();
    }

}

Code:, _(*3)

$factory = new \Kronos\ContentSecurityPolicy\Factory();
$director = new Director($factory);

$policy = $director->buildContentSecurityPolicy();

header($policy->getHeader());

The Versions

05/02 2018

dev-master

9999999-dev https://github.com/kronostechnologies/kronos-csp

A Content-Security-Policy header builder

Sources Download

MIT

The Requires

php >=5.6

The Development Requires

phpunit/phpunit 5.7.*

csp content-security-policy kronos

05/02 2018

0.2.0

0.2.0.0 https://github.com/kronostechnologies/kronos-csp

A Content-Security-Policy header builder

Sources Download

MIT

The Requires

php >=5.6

The Development Requires

phpunit/phpunit 5.7.*

csp content-security-policy kronos

11/01 2018

0.1.1

0.1.1.0 https://github.com/kronostechnologies/kronos-csp

A Content-Security-Policy header builder

Sources Download

MIT

The Requires

php >=5.6

The Development Requires

phpunit/phpunit 5.7.*

csp content-security-policy kronos

11/01 2018

0.1.0

0.1.0.0 https://github.com/kronostechnologies/kronos-csp

A Content-Security-Policy header builder

Sources Download

MIT

The Requires

php >=5.6

The Development Requires

phpunit/phpunit 5.7.*

csp content-security-policy kronos

11/01 2018

dev-rework-director

dev-rework-director https://github.com/kronostechnologies/kronos-csp

A Content-Security-Policy header builder

Sources Download

MIT

The Requires

php >=5.6

The Development Requires

phpunit/phpunit 5.7.*

csp content-security-policy kronos

library csp

A Content-Security-Policy header builder

kronos/csp

The README.md

kronos-csp

Usage

Using the Builder:

Using the PolicyDirectorInterface:

The Versions

dev-master

The Requires

The Development Requires

0.2.0

The Requires

The Development Requires

0.1.1

The Requires

The Development Requires

0.1.0

The Requires

The Development Requires

dev-rework-director

The Requires

The Development Requires

Using the `Builder`:

Using the `PolicyDirectorInterface`: