You are here

Home » API reference » Content-Security-Policy 8 » Ie9CspSubscriber.php » Ie9CspSubscriber

public function Ie9CspSubscriber::onCspPolicyAlter in Content-Security-Policy 8

Alter CSP policy for compatibility with IE9 if needed.

Prior to Drupal 8.7, in order to support IE9, CssCollectionRenderer outputs more than 31 stylesheets as inline @import statements. Since checking the actual number of stylesheets included on the page is more difficult, just check the optimization settings, as in HtmlResponseAttachmentsProcessor::processAssetLibraries()

Parameters

\Drupal\csp\Event\PolicyAlterEvent $alterEvent: The Policy Alter event.

See also

https://www.drupal.org/node/2993171

CssCollectionRenderer::render()

HtmlResponseAttachmentsProcessor::processAssetLibraries()

File

src/EventSubscriber/Ie9CspSubscriber.php, line 68

Class

Ie9CspSubscriber
Alter CSP policy for IE9 Compatibility.

Namespace

Drupal\csp\EventSubscriber

Code

public function onCspPolicyAlter(PolicyAlterEvent $alterEvent) {
  if ((version_compare(\Drupal::VERSION, '8.7', '<') || $this->moduleHandler
    ->moduleExists('ie9')) && (defined('MAINTENANCE_MODE') || !$this->configFactory
    ->get('system.performance')
    ->get('css.preprocess'))) {
    $policy = $alterEvent
      ->getPolicy();

    // Prevent style-src-attr from falling back to style-src and having
    // 'unsafe-inline' enabled.
    $policy
      ->fallbackAwareAppendIfEnabled('style-src-attr', []);
    $policy
      ->fallbackAwareAppendIfEnabled('style-src', [
      Csp::POLICY_UNSAFE_INLINE,
    ]);
    $policy
      ->fallbackAwareAppendIfEnabled('style-src-elem', [
      Csp::POLICY_UNSAFE_INLINE,
    ]);
  }
}