SecurityHeaders - Code Metrics - Inspection of "Set HTTP security headers" - fisharebest/webtrees - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( cd51db...9c88b4 )

by Greg

created 2020-01-09 16:41 UTC

SecurityHeaders A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	27
Duplicated Lines	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
eloc	11
c	1
b	0
f	0
dl	0
loc	27
rs	10
wmc	3

1 Method

Rating	Name	Duplication	Size	Complexity
A	process()	0	12	3

<?php

/**
 * webtrees: online genealogy
 * Copyright (C) 2019 webtrees development team
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */

declare(strict_types=1);

namespace Fisharebest\Webtrees\Http\Middleware;

use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Http\Server\RequestHandlerInterface;

/**
 * Middleware to set security-related HTTP headers.
 */
class SecurityHeaders implements MiddlewareInterface
{
    private const SECURITY_HEADERS = [
        'Referrer-Policy'        => 'same-origin',
        'X-Content-Type-Options' => 'nosniff',
        'X-Frame-Options'        => 'SAMEORIGIN',
        'X-XSS-Protection'       => '1;mode=block',
    ];

    /**
     * @param ServerRequestInterface  $request
     * @param RequestHandlerInterface $handler
     *
     * @return ResponseInterface
     */
    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
    {
        $response = $handler->handle($request);

        foreach (self::SECURITY_HEADERS as $header_name => $header_value) {
            // Don't overwrite existing headers.
            if ($response->getHeader($header_name) === []) {
                $response = $response->withHeader($header_name, $header_value);
            }
        }

        return $response;
    }
}


1			<?php
2
3			/**
4			* webtrees: online genealogy
5			* Copyright (C) 2019 webtrees development team
6			* This program is free software: you can redistribute it and/or modify
7			* it under the terms of the GNU General Public License as published by
8			* the Free Software Foundation, either version 3 of the License, or
9			* (at your option) any later version.
10			* This program is distributed in the hope that it will be useful,
11			* but WITHOUT ANY WARRANTY; without even the implied warranty of
12			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13			* GNU General Public License for more details.
14			* You should have received a copy of the GNU General Public License
15			* along with this program. If not, see <http://www.gnu.org/licenses/>.
16			*/
17
18			declare(strict_types=1);
19
20			namespace Fisharebest\Webtrees\Http\Middleware;
21
22			use Psr\Http\Message\ResponseInterface;
23			use Psr\Http\Message\ServerRequestInterface;
24			use Psr\Http\Server\MiddlewareInterface;
25			use Psr\Http\Server\RequestHandlerInterface;
26
27			/**
28			* Middleware to set security-related HTTP headers.
29			*/
30			class SecurityHeaders implements MiddlewareInterface
31			{
32			private const SECURITY_HEADERS = [
33			'Referrer-Policy' => 'same-origin',
34			'X-Content-Type-Options' => 'nosniff',
35			'X-Frame-Options' => 'SAMEORIGIN',
36			'X-XSS-Protection' => '1;mode=block',
37			];
38
39			/**
40			* @param ServerRequestInterface $request
41			* @param RequestHandlerInterface $handler
42			*
43			* @return ResponseInterface
44			*/
45			public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
46			{
47			$response = $handler->handle($request);
48
49			foreach (self::SECURITY_HEADERS as $header_name => $header_value) {
50			// Don't overwrite existing headers.
51			if ($response->getHeader($header_name) === []) {
52			$response = $response->withHeader($header_name, $header_value);
53			}
54			}
55
56			return $response;
57			}
58			}
59

fisharebest / webtrees

Push — master ( cd51db...9c88b4 )

SecurityHeaders A

Complexity

Size/Duplication

Importance

1 Method

Duplication Side-by-Side

Filter issues like