You are here

public function Csp::fallbackAwareAppendIfEnabled in Content-Security-Policy 8

Append to a directive if it or a fallback directive is enabled.

If the specified directive is not enabled but one of its fallback directives is, it will be initialized with the same value as the fallback before appending the new value.

If none of the specified directive's fallbacks are enabled, the directive will not be enabled.

Parameters

string $name: The directive name.

array|string $value: The directive value.

File

src/Csp.php, line 331

Class

Csp
A CSP Header.

Namespace

Drupal\csp

Code

public function fallbackAwareAppendIfEnabled($name, $value) {
  self::validateDirectiveName($name);
  if (!$this
    ->hasDirective($name)) {

    // Duplicate the closest fallback directive with a value.
    foreach (self::getDirectiveFallbackList($name) as $fallback) {
      if ($this
        ->hasDirective($fallback)) {
        $fallbackSourceList = $this
          ->getDirective($fallback);
        if (in_array(static::POLICY_NONE, $fallbackSourceList)) {
          $fallbackSourceList = [];
        }
        $this
          ->setDirective($name, $fallbackSourceList);
        break;
      }
    }
  }
  if ($this
    ->hasDirective($name)) {
    $this
      ->appendDirective($name, $value);
  }
}