You are here

Home » API reference » HTTP Response Headers 8.2

http_response_headers.install in HTTP Response Headers 8.2

Same filename and directory in other branches
  1. 7 http_response_headers.install
  2. 2.0.x http_response_headers.install

HTTP Header manipulations install.

File

http_response_headers.install
View source 
<?php

/**
 * @file
 * HTTP Header manipulations install.
 */
use Drupal\http_response_headers\ResponseHeaderInterface;

/**
 * Implements hook_requirements().
 */
function http_response_headers_requirements($phase) {
  $requirements = array();
  if ($phase == 'runtime') {
    $entity_manager = \Drupal::entityTypeManager()
      ->getStorage('response_header');

    // Report response headers that should be configured.
    $strict_transport_security = $entity_manager
      ->load('strict_transport_security');
    $public_key_pins = $entity_manager
      ->load('public_key_pins');
    if (!isset($strict_transport_security) || $strict_transport_security instanceof ResponseHeaderInterface || empty($strict_transport_security
      ->get('value'))) {
      $requirements['response_header_security_policy'] = array(
        'title' => t('Content Security Policy'),
        'value' => t('Not configured'),
        'description' => t("It is highly recommended to set a secure Content Security Policy. A recommended value would be `default-src https: data: \\'unsafe-inline\\' \\'unsafe-eval\\'`. See the <a href=':help'>HTTP Response Headers Help page</a> for more information.", array(
          ':help' => '/admin/help/http_response_headers',
        )),
        'severity' => REQUIREMENT_WARNING,
      );
    }
    if (!isset($public_key_pins) || $public_key_pins instanceof ResponseHeaderInterface || empty($public_key_pins
      ->get('value'))) {
      $requirements['response_header_public_key_pins'] = array(
        'title' => t('Public Key Pins'),
        'value' => t('Not configured'),
        'description' => t("It is highly recommended to configure your Public Key Pins. See the <a href=':help'>HTTP Response Headers Help page</a> for more information.", array(
          ':help' => '/admin/help/http_response_headers',
        )),
        'severity' => REQUIREMENT_WARNING,
      );
    }
  }
  return $requirements;
}

/**
 * Changing to using entities instead of configuration objects.
 */
function http_response_headers_update_8001() {
  $old_config = \Drupal::configFactory()
    ->get('http_response_headers.settings');
  if (!empty($old_config
    ->get('headers'))) {
    foreach ($old_config
      ->get('headers') as $header) {
      $entity = array(
        'id' => preg_replace('/[^a-z0-9_]+/', '_', strtolower($header['name'])),
        'label' => $header['name'],
        'name' => $header['name'],
        'description' => '',
        'group' => $header['group'],
        'value' => $header['value'],
      );
      $entity_manager = \Drupal::entityTypeManager()
        ->getStorage('response_header');
      if ($existing_entity = current($entity_manager
        ->loadByProperties(array(
        'name' => $entity['name'],
      )))) {
        $saved = $existing_entity
          ->set('value', $entity['value'])
          ->save();
      }
      else {
        $saved = $entity_manager
          ->create($entity)
          ->save();
      }
    }
    \Drupal::configFactory()
      ->getEditable('http_response_headers.settings')
      ->delete();
  }
}

Functions

Namesort descending Description
http_response_headers_requirements Implements hook_requirements().
http_response_headers_update_8001 Changing to using entities instead of configuration objects.