Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
C
csp-3017868
Manage
Activity
Members
Labels
Plan
Custom issue tracker
Code
Merge requests
0
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Locked files
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Model registry
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Code review analytics
Insights
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Terms and privacy
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Issue forks
csp-3017868
Commits
a53ca419
Commit
a53ca419
authored
1 year ago
by
Dieter Holvoet
Committed by
Geoff Appleby
1 year ago
Browse files
Options
Downloads
Patches
Plain Diff
Issue
#3409435
: Add hook_csp_policy_alter for themes
parent
f914ed79
No related branches found
No related tags found
No related merge requests found
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
csp.api.php
+33
-0
33 additions, 0 deletions
csp.api.php
csp.services.yml
+7
-0
7 additions, 0 deletions
csp.services.yml
src/EventSubscriber/ThemeHookCspSubscriber.php
+53
-0
53 additions, 0 deletions
src/EventSubscriber/ThemeHookCspSubscriber.php
with
93 additions
and
0 deletions
csp.api.php
0 → 100644
+
33
−
0
View file @
a53ca419
<?php
/**
* @file
* Documentation for CSP module APIs.
*/
/**
* @addtogroup hooks
* @{
*/
use
Drupal\csp\Csp
;
use
Symfony\Component\HttpFoundation\Response
;
/**
* Alters the CSP policy.
*
* This hook is only invoked for themes, modules should add an event subscriber
* listening to the CspEvents::POLICY_ALTER event.
*
* @param \Drupal\csp\Csp $policy
* The CSP policy.
* @param \Symfony\Component\HttpFoundation\Response $response
* The response the policy is applied to.
*/
function
hook_csp_policy_alter
(
Csp
$policy
,
Response
$response
):
void
{
$policy
->
appendDirective
(
'img-src'
,
'https://example.com'
);
}
/**
* @} End of "addtogroup hooks".
*/
This diff is collapsed.
Click to expand it.
csp.services.yml
+
7
−
0
View file @
a53ca419
...
...
@@ -33,6 +33,13 @@ services:
tags
:
-
{
name
:
event_subscriber
}
csp.theme_hook_csp_subscriber
:
class
:
Drupal\csp\EventSubscriber\ThemeHookCspSubscriber
arguments
:
-
'
@theme.manager'
tags
:
-
{
name
:
event_subscriber
}
logger.channel.csp
:
parent
:
logger.channel_base
arguments
:
[
'
csp'
]
This diff is collapsed.
Click to expand it.
src/EventSubscriber/ThemeHookCspSubscriber.php
0 → 100644
+
53
−
0
View file @
a53ca419
<?php
namespace
Drupal\csp\EventSubscriber
;
use
Drupal\Core\Theme\ThemeManagerInterface
;
use
Drupal\csp\CspEvents
;
use
Drupal\csp\Event\PolicyAlterEvent
;
use
Symfony\Component\EventDispatcher\EventSubscriberInterface
;
/**
* Invoke a hook allowing themes to alter the CSP policy.
*/
class
ThemeHookCspSubscriber
implements
EventSubscriberInterface
{
/**
* The theme manager service.
*
* @var \Drupal\Core\Theme\ThemeManagerInterface
*/
protected
$themeManager
;
/**
* {@inheritdoc}
*/
public
static
function
getSubscribedEvents
()
{
$events
[
CspEvents
::
POLICY_ALTER
]
=
[
'onCspPolicyAlter'
,
-
10
];
return
$events
;
}
/**
* ThemeHookCspSubscriber constructor.
*
* @param \Drupal\Core\Theme\ThemeManagerInterface $themeManager
* The theme manager service.
*/
public
function
__construct
(
ThemeManagerInterface
$themeManager
)
{
$this
->
themeManager
=
$themeManager
;
}
/**
* Invoke a hook allowing themes to alter the CSP policy.
*
* @param \Drupal\csp\Event\PolicyAlterEvent $alterEvent
* The policy alter event.
*/
public
function
onCspPolicyAlter
(
PolicyAlterEvent
$alterEvent
)
{
$policy
=
$alterEvent
->
getPolicy
();
$response
=
$alterEvent
->
getResponse
();
$this
->
themeManager
->
alter
(
'csp_policy'
,
$policy
,
$response
);
}
}
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment