public function SecKitEventSubscriber::seckitXxss in Security Kit 8
Same name and namespace in other branches
- 2.x src/EventSubscriber/SecKitEventSubscriber.php \Drupal\seckit\EventSubscriber\SecKitEventSubscriber::seckitXxss()
Sends X-XSS-Protection HTTP header.
X-XSS-Protection controls IE8/Safari/Chrome internal XSS filter.
1 call to SecKitEventSubscriber::seckitXxss()
- SecKitEventSubscriber::onKernelResponse in src/
EventSubscriber/ SecKitEventSubscriber.php - Executes actions on the response event.
File
- src/
EventSubscriber/ SecKitEventSubscriber.php, line 304
Class
- SecKitEventSubscriber
- Subscribing an event.
Namespace
Drupal\seckit\EventSubscriberCode
public function seckitXxss($setting) {
switch ($setting) {
case SeckitInterface::X_XSS_0:
// Set X-XSS-Protection header to 0.
$this->response->headers
->set('X-XSS-Protection', '0');
break;
case SeckitInterface::X_XSS_1:
// Set X-XSS-Protection header to 1.
$this->response->headers
->set('X-XSS-Protection', '1');
break;
case SeckitInterface::X_XSS_1_BLOCK:
// Set X-XSS-Protection header to 1; mode=block.
$this->response->headers
->set('X-XSS-Protection', '1; mode=block');
break;
case SeckitInterface::X_XSS_DISABLE:
// Do nothing.
default:
break;
}
}