function seckit_update_6101 in Security Kit 6
Changes Content-Security-Policy "allow" directive to "default-src".
File
- ./
seckit.install, line 21 - Install/uninstall actions for SecKit.
Code
function seckit_update_6101() {
// update CSP directives
// default-src is used instead of allow
$options = variable_get('seckit_xss', array());
if (isset($options['csp']['allow'])) {
$directive = $options['csp']['allow'];
if ($directive) {
// remove allow
unset($options['csp']['allow']);
// add default-src
$options['csp']['default-src'] = $directive;
// delete and set new version of variable
variable_del('seckit_xss');
variable_set('seckit_xss', $options);
}
}
}