function http_response_headers_requirements in HTTP Response Headers 2.0.x
Same name and namespace in other branches
- 8.2 http_response_headers.install \http_response_headers_requirements()
Implements hook_requirements().
File
- ./
http_response_headers.install, line 13 - HTTP Header manipulations install.
Code
function http_response_headers_requirements($phase) {
$requirements = array();
if ($phase == 'runtime') {
$entity_manager = \Drupal::entityTypeManager()
->getStorage('response_header');
// Report response headers that should be configured.
$strict_transport_security = $entity_manager
->load('strict_transport_security');
$public_key_pins = $entity_manager
->load('public_key_pins');
if (!isset($strict_transport_security) || $strict_transport_security instanceof ResponseHeaderInterface || empty($strict_transport_security
->get('value'))) {
$requirements['response_header_security_policy'] = array(
'title' => t('Content Security Policy'),
'value' => t('Not configured'),
'description' => t("It is highly recommended to set a secure Content Security Policy. A recommended value would be `default-src https: data: \\'unsafe-inline\\' \\'unsafe-eval\\'`. See the <a href=':help'>HTTP Response Headers Help page</a> for more information.", array(
':help' => '/admin/help/http_response_headers',
)),
'severity' => REQUIREMENT_WARNING,
);
}
if (!isset($public_key_pins) || $public_key_pins instanceof ResponseHeaderInterface || empty($public_key_pins
->get('value'))) {
$requirements['response_header_public_key_pins'] = array(
'title' => t('Public Key Pins'),
'value' => t('Not configured'),
'description' => t("It is highly recommended to configure your Public Key Pins. See the <a href=':help'>HTTP Response Headers Help page</a> for more information.", array(
':help' => '/admin/help/http_response_headers',
)),
'severity' => REQUIREMENT_WARNING,
);
}
}
return $requirements;
}