public function RemoveXFrameOptionsSubscriber::RemoveXFrameOptions in Allow site iframing 3.0.x
Same name and namespace in other branches
- 8 src/EventSubscriber/RemoveXFrameOptionsSubscriber.php \Drupal\allow_iframed_site\EventSubscriber\RemoveXFrameOptionsSubscriber::RemoveXFrameOptions()
Remove the X-Frame-Options header.
Parameters
\Symfony\Component\HttpKernel\Event\FilterResponseEvent $event:
Throws
\Drupal\Component\Plugin\Exception\PluginException
File
- src/
EventSubscriber/ RemoveXFrameOptionsSubscriber.php, line 51
Class
- RemoveXFrameOptionsSubscriber
- An event subscriber to remove the X-Frame-Options header.
Namespace
Drupal\allow_iframed_site\EventSubscriberCode
public function RemoveXFrameOptions(FilterResponseEvent $event) {
$xframe = TRUE;
/**
* Don't remove X-Frame-Options if pages and negate fields are not configured.
*/
$rowData = $this->config
->getRawData();
if (!empty($rowData)) {
if (empty($rowData['request_path']['pages']) && $rowData['request_path']['negate'] == 0) {
$xframe = FALSE;
}
else {
foreach ($this->config
->getRawData() as $key => $config) {
try {
/* @var \Drupal\system\Plugin\Condition\RequestPath $condition */
$condition = $this->conditionManager
->createInstance($key);
$condition
->setConfiguration($this->config
->get($key));
if ($condition
->evaluate() && $condition
->isNegated() || !$condition
->evaluate() && !$condition
->isNegated()) {
$xframe = FALSE;
}
} catch (PluginException $exception) {
// Just ignore it, there's probably not much else to do.
}
}
}
}
// If we got here we should be fine, but check it anyway.
if ($xframe) {
$response = $event
->getResponse();
$response->headers
->remove('X-Frame-Options');
}
}