SecurityHeadersHook::executeAfter() - Code Metrics - Inspection of "add afterHook, update beforeHook, cleanup code" - eduvpn/vpn-lib-common - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( d1a3e4...041256 )

by François

created 2016-09-15 21:21 UTC

SecurityHeadersHook::executeAfter() A

↳ Parent: SecurityHeadersHook

Complexity

Conditions	1
Paths	1

Size

Total Lines	12
Code Lines	6

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	12
c	0
b	0
f	0
rs	9.4285
cc	1
eloc	6
nc	1
nop	2

<?php
/**
 *  Copyright (C) 2016 SURFnet.
 *
 *  This program is free software: you can redistribute it and/or modify
 *  it under the terms of the GNU Affero General Public License as
 *  published by the Free Software Foundation, either version 3 of the
 *  License, or (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU Affero General Public License for more details.
 *
 *  You should have received a copy of the GNU Affero General Public License
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
namespace SURFnet\VPN\Common\Http;

class SecurityHeadersHook implements AfterHookInterface
{
    public function executeAfter(Request $request, Response $response)
    {
        // XXX only add them if the request comes from a browser
        // CSP: https://developer.mozilla.org/en-US/docs/Security/CSP
        $response->addHeader('Content-Security-Policy', "default-src 'self'");
        // X-Frame-Options: https://developer.mozilla.org/en-US/docs/HTTP/X-Frame-Options
        $response->addHeader('X-Frame-Options', 'DENY');
        $response->addHeader('X-Content-Type-Options', 'nosniff');
        $response->addHeader('X-Xss-Protection', '1; mode=block');

        return $response;
    }
}


1			<?php
2			/**
3			* Copyright (C) 2016 SURFnet.
4			*
5			* This program is free software: you can redistribute it and/or modify
6			* it under the terms of the GNU Affero General Public License as
7			* published by the Free Software Foundation, either version 3 of the
8			* License, or (at your option) any later version.
9			*
10			* This program is distributed in the hope that it will be useful,
11			* but WITHOUT ANY WARRANTY; without even the implied warranty of
12			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13			* GNU Affero General Public License for more details.
14			*
15			* You should have received a copy of the GNU Affero General Public License
16			* along with this program. If not, see <http://www.gnu.org/licenses/>.
17			*/
18			namespace SURFnet\VPN\Common\Http;
19
20			class SecurityHeadersHook implements AfterHookInterface
21			{
22			public function executeAfter(Request $request, Response $response)
23			{
24			// XXX only add them if the request comes from a browser
25			// CSP: https://developer.mozilla.org/en-US/docs/Security/CSP
26			$response->addHeader('Content-Security-Policy', "default-src 'self'");
27			// X-Frame-Options: https://developer.mozilla.org/en-US/docs/HTTP/X-Frame-Options
28			$response->addHeader('X-Frame-Options', 'DENY');
29			$response->addHeader('X-Content-Type-Options', 'nosniff');
30			$response->addHeader('X-Xss-Protection', '1; mode=block');
31
32			return $response;
33			}
34			}
35

eduvpn / vpn-lib-common

GitHub Access Token became invalid

Push — master ( d1a3e4...041256 )

SecurityHeadersHook::executeAfter() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like