You are here

Home » API reference » Security Kit 7 » seckit.install

function seckit_update_7101 in Security Kit 7

Changes Content-Security-Policy "allow" directive to "default-src".

File

./seckit.install, line 58
Install/update/uninstall actions for SecKit.

Code

function seckit_update_7101() {

  // update CSP directives
  // default-src is used instead of allow
  $options = variable_get('seckit_xss');
  if (isset($options['csp']['allow'])) {
    $directive = $options['csp']['allow'];
    if ($directive) {

      // remove allow
      unset($options['csp']['allow']);

      // add default-src
      $options['csp']['default-src'] = $directive;

      // delete and set new version of variable
      variable_del('seckit_xss');
      variable_set('seckit_xss', $options);
    }
  }
}