public function XframeSubscriber::onKernelResponse in X-Frame-Options Configuration 8

Executes actions on the respose event.

Parameters

\Symfony\Component\HttpKernel\Event\FilterResponseEvent $event: Filter Response Event object.

File

src/EventSubscriber/XframeSubscriber.php, line 40

Class

XframeSubscriber: Subscribing an event.

Namespace

Drupal\x_frame_options_configuration\EventSubscriber

Code

public function onKernelResponse(FilterResponseEvent $event) {

  // Add the x-frame-options response header with the configured directive.
  $directive = $this->config
    ->get('x_frame_options_configuration.directive', 0);
  $allow_from_uri = Html::escape($this->config
    ->get('x_frame_options_configuration.allow-from-uri', ''));
  $x_frame_options = Html::escape($directive) . ($directive == 'ALLOW-FROM' ? " " . UrlHelper::stripDangerousProtocols($allow_from_uri) : '');
  $response = $event
    ->getResponse();

  // If option selected is ALLOW-ALL, removes header.
  if ($x_frame_options == 'ALLOW-ALL') {
    $response->headers
      ->remove('X-Frame-Options');
  }
  else {
    $response->headers
      ->set('X-Frame-Options', $x_frame_options);
  }
}

You are here

public function XframeSubscriber::onKernelResponse in X-Frame-Options Configuration 8

Parameters

File

Class

Namespace

Code

API Navigation