PSR-7 support, or else array of headers to be returned about csp-builder HOT 13 CLOSED

Something like this?

function injectCSPHeader(\Psr\Http\Message\MessageInterface $message, $legacy = false)
{
    if ($this->needsCompile) {
        $this->compile();
    }
    // Are we doing a report-only header?
    $which = $this->reportOnly 
        ? 'Content-Security-Policy-Report-Only'
        : 'Content-Security-Policy';
    $message->withAddedHeader($which, $this->compiled);
    if ($legacy) {
        // Add deprecated headers for compatibility with old clients
        $message->withAddedHeader('X-'.$which, $this->compiled);
        $which = $this->reportOnly 
            ? 'X-Webkit-CSP-Report-Only'
            : 'X-Webkit-CSP';
        $message->withAddedHeader($which, $this->compiled);
    }
    return $message;
}

from csp-builder.

@paragonie-scott either that or simply return the array of headers

Note that $message is immutable, therefore every with call returns a new object (referring to the snippet above)

from csp-builder.

84ad3c5

How does that look?

from csp-builder.

@paragonie-scott looks good: is it covered by tests?

from csp-builder.

The PSR-7 part isn't, yet. I don't really use PSR-7 anywhere directly so I'll need to find a way to add a unit test without adding a dependency to e.g. Guzzle.

from csp-builder.

@paragonie-scott $this->getMock('Name\Of\Interface', ['the', 'list', 'of', 'methods', 'that', 'are', 'expected', 'to', 'exist'])

from csp-builder.

https://github.com/paragonie/csp-builder/blob/master/src/CSPBuilder.php#L269

This will break when it returns null.

from csp-builder.

@paragonie-scott you can use $this->getMock()->expects(self::exactly(2))->method('withFoo')->willReturnSelf();

from csp-builder.

Expectation failed for method name is equal to string:withHeader when invoked 2 time(s).
Method was expected to be called 2 times, actually called 0 times.

.PHP Fatal error: Class Mock_MessageInterface_a0173770 contains 1 abstract method and must therefore be declared abstract or implement the remaining methods (Psr\Http\Message\MessageInterface::withHeader) in /mnt/share/csp-builder/vendor/phpunit/phpunit-mock-objects/src/Framework/MockObject/Generator.php(305) : eval()'d code on line 270

I've never used mocking before, and I have no idea what I'm even doing.

from csp-builder.

@paragonie-scott I'll send a PR :-)

from csp-builder.

@paragonie-scott see #6

from csp-builder.

Has this been adequately addressed in the latest release?

from csp-builder.

Looks like this was done in 1.2.0, thanks!

from csp-builder.