DefaultSettingsTrait - Code Metrics - Inspection of "Close #22" - neomerx/cors-psr7 - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Branch — develop (8213ca)

by Neomerx

created 2016-05-07 08:28 UTC

DefaultSettingsTrait A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	102
Duplicated Lines	0 %

Coupling/Cohesion

Components	0
Dependencies	0

Test Coverage

Coverage

100%

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
wmc	1
c	1
b	0
f	0
lcom	0
cbo	0
dl	0
loc	102
ccs	16
cts	16
cp	1
rs	10

1 Method

Rating	Name	Duplication	Size	Complexity
B	getDefaultSettings()	0	96	1

<?php namespace Neomerx\Cors\Strategies;

/**
 * Copyright 2015 [email protected] (www.neomerx.com)
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

use \Neomerx\Cors\Contracts\Http\ParsedUrlInterface;

/**
 * @package Neomerx\Cors
 */
trait DefaultSettingsTrait
{
    /**
     * @return array

     */
    protected function getDefaultSettings()
    {
        return [
            /**
             * Array should be in parse_url() result format.
             * @see http://php.net/manual/function.parse-url.php
             */
            Settings::KEY_SERVER_ORIGIN        => [
                Settings::KEY_SERVER_ORIGIN_SCHEME => '',
                Settings::KEY_SERVER_ORIGIN_HOST   => '',
                Settings::KEY_SERVER_ORIGIN_PORT   => ParsedUrlInterface::DEFAULT_PORT,
            ],
            /**
             * A list of allowed request origins (lower-cased, no trail slashes).
             * Value `true` enables and value `null` disables origin.
             * If all origins '*' are enabled all settings for other origins are ignored.
             * For example, [
             *     'http://example.com:123'     => true,
             *     'http://evil.com'            => null,
             *     Settings::VALUE_ALLOW_ORIGIN_ALL => null,
             * ];
             */
            Settings::KEY_ALLOWED_ORIGINS      => [],
            /**
             * A list of allowed request methods (case sensitive).
             * Value `true` enables and value `null` disables method.
             * For example, [
             *     'GET'    => true,
             *     'PATCH'  => true,
             *     'POST'   => true,
             *     'PUT'    => null,
             *     'DELETE' => true,
             * ];
             * Security Note: you have to remember CORS is not access control system and you should not expect all
             * cross-origin requests will have pre-flights. For so-called 'simple' methods with so-called 'simple'
             * headers request will be made without pre-flight. Thus you can not restrict such requests with CORS
             * and should use other means.
             * For example method 'GET' without any headers or with only 'simple' headers will not have pre-flight
             * request so disabling it will not restrict access to resource(s).
             * You can read more on 'simple' methods at http://www.w3.org/TR/cors/#simple-method
             */
            Settings::KEY_ALLOWED_METHODS      => [],
            /**
             * A list of allowed request headers (lower-cased). Value `true` enables and
             * value `null` disables header.
             * For example, [
             *     'content-type'                => true,
             *     'x-custom-request-header'     => null,
             *     Settings::VALUE_ALLOW_ALL_HEADERS => null,
             * ];
             * Security Note: you have to remember CORS is not access control system and you should not expect all
             * cross-origin requests will have pre-flights. For so-called 'simple' methods with so-called 'simple'
             * headers request will be made without pre-flight. Thus you can not restrict such requests with CORS
             * and should use other means.
             * For example method 'GET' without any headers or with only 'simple' headers will not have pre-flight
             * request so disabling it will not restrict access to resource(s).
             * You can read more on 'simple' headers at http://www.w3.org/TR/cors/#simple-header
             */
            Settings::KEY_ALLOWED_HEADERS      => [],
            /**
             * A list of headers (case insensitive) which will be made accessible to
             * user agent (browser) in response.
             * Value `true` enables and value `null` disables header.
             * For example, [
             *     'Content-Type'             => true,
             *     'X-Custom-Response-Header' => true,
             *     'X-Disabled-Header'        => null,
             * ];
             */
            Settings::KEY_EXPOSED_HEADERS      => [],
            /**
             * If access with credentials is supported by the resource.
             */
            Settings::KEY_IS_USING_CREDENTIALS => false,
            /**
             * Pre-flight response cache max period in seconds.
             */
            Settings::KEY_FLIGHT_CACHE_MAX_AGE => 0,
            /**
             * If allowed methods should be added to pre-flight response when
             * 'simple' method is requested (see #6.2.9 CORS).
             * @see http://www.w3.org/TR/cors/#resource-preflight-requests
             */
            Settings::KEY_IS_FORCE_ADD_METHODS => false,
            /**
             * If allowed headers should be added when request headers are 'simple' and
             * non of them is 'Content-Type' (see #6.2.10 CORS).
             * @see http://www.w3.org/TR/cors/#resource-preflight-requests
             */
            Settings::KEY_IS_FORCE_ADD_HEADERS => false,
            /**
             * If request 'Host' header should be checked against server's origin.
             */
            Settings::KEY_IS_CHECK_HOST        => false,
        ];
    }
}


1		<?php namespace Neomerx\Cors\Strategies;
2
3		/**
4		* Copyright 2015 [email protected] (www.neomerx.com)
5		*
6		* Licensed under the Apache License, Version 2.0 (the "License");
7		* you may not use this file except in compliance with the License.
8		* You may obtain a copy of the License at
9		*
10		* http://www.apache.org/licenses/LICENSE-2.0
11		*
12		* Unless required by applicable law or agreed to in writing, software
13		* distributed under the License is distributed on an "AS IS" BASIS,
14		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15		* See the License for the specific language governing permissions and
16		* limitations under the License.
17		*/
18
19		use \Neomerx\Cors\Contracts\Http\ParsedUrlInterface;
20
21		/**
22		* @package Neomerx\Cors
23		*/
24		trait DefaultSettingsTrait
25		{
26		/**
27		* @return array
		0 ignored issues – show Documentation introduced 2016-05-07 08:31 UTC by Report Bug Copy Issue Report Consider making the return type a bit more specific; maybe use `array<*,array\|false\|integer>`. This check looks for the generic type `array` as a return type and suggests a more specific type. This type is inferred from the actual code. Loading history...
28		*/
29	19	protected function getDefaultSettings()
30		{
31		return [
32		/**
33		* Array should be in parse_url() result format.
34		* @see http://php.net/manual/function.parse-url.php
35		*/
36	19	Settings::KEY_SERVER_ORIGIN => [
37	19	Settings::KEY_SERVER_ORIGIN_SCHEME => '',
38	19	Settings::KEY_SERVER_ORIGIN_HOST => '',
39	19	Settings::KEY_SERVER_ORIGIN_PORT => ParsedUrlInterface::DEFAULT_PORT,
40	19	],
41		/**
42		* A list of allowed request origins (lower-cased, no trail slashes).
43		* Value `true` enables and value `null` disables origin.
44		* If all origins '*' are enabled all settings for other origins are ignored.
45		* For example, [
46		* 'http://example.com:123' => true,
47		* 'http://evil.com' => null,
48		* Settings::VALUE_ALLOW_ORIGIN_ALL => null,
49		* ];
50		*/
51	19	Settings::KEY_ALLOWED_ORIGINS => [],
52		/**
53		* A list of allowed request methods (case sensitive).
54		* Value `true` enables and value `null` disables method.
55		* For example, [
56		* 'GET' => true,
57		* 'PATCH' => true,
58		* 'POST' => true,
59		* 'PUT' => null,
60		* 'DELETE' => true,
61		* ];
62		* Security Note: you have to remember CORS is not access control system and you should not expect all
63		* cross-origin requests will have pre-flights. For so-called 'simple' methods with so-called 'simple'
64		* headers request will be made without pre-flight. Thus you can not restrict such requests with CORS
65		* and should use other means.
66		* For example method 'GET' without any headers or with only 'simple' headers will not have pre-flight
67		* request so disabling it will not restrict access to resource(s).
68		* You can read more on 'simple' methods at http://www.w3.org/TR/cors/#simple-method
69		*/
70	19	Settings::KEY_ALLOWED_METHODS => [],
71		/**
72		* A list of allowed request headers (lower-cased). Value `true` enables and
73		* value `null` disables header.
74		* For example, [
75		* 'content-type' => true,
76		* 'x-custom-request-header' => null,
77		* Settings::VALUE_ALLOW_ALL_HEADERS => null,
78		* ];
79		* Security Note: you have to remember CORS is not access control system and you should not expect all
80		* cross-origin requests will have pre-flights. For so-called 'simple' methods with so-called 'simple'
81		* headers request will be made without pre-flight. Thus you can not restrict such requests with CORS
82		* and should use other means.
83		* For example method 'GET' without any headers or with only 'simple' headers will not have pre-flight
84		* request so disabling it will not restrict access to resource(s).
85		* You can read more on 'simple' headers at http://www.w3.org/TR/cors/#simple-header
86		*/
87	19	Settings::KEY_ALLOWED_HEADERS => [],
88		/**
89		* A list of headers (case insensitive) which will be made accessible to
90		* user agent (browser) in response.
91		* Value `true` enables and value `null` disables header.
92		* For example, [
93		* 'Content-Type' => true,
94		* 'X-Custom-Response-Header' => true,
95		* 'X-Disabled-Header' => null,
96		* ];
97		*/
98	19	Settings::KEY_EXPOSED_HEADERS => [],
99		/**
100		* If access with credentials is supported by the resource.
101		*/
102	19	Settings::KEY_IS_USING_CREDENTIALS => false,
103		/**
104		* Pre-flight response cache max period in seconds.
105		*/
106	19	Settings::KEY_FLIGHT_CACHE_MAX_AGE => 0,
107		/**
108		* If allowed methods should be added to pre-flight response when
109		* 'simple' method is requested (see #6.2.9 CORS).
110		* @see http://www.w3.org/TR/cors/#resource-preflight-requests
111		*/
112	19	Settings::KEY_IS_FORCE_ADD_METHODS => false,
113		/**
114		* If allowed headers should be added when request headers are 'simple' and
115		* non of them is 'Content-Type' (see #6.2.10 CORS).
116		* @see http://www.w3.org/TR/cors/#resource-preflight-requests
117		*/
118	19	Settings::KEY_IS_FORCE_ADD_HEADERS => false,
119		/**
120		* If request 'Host' header should be checked against server's origin.
121		*/
122	19	Settings::KEY_IS_CHECK_HOST => false,
123	19	];
124		}
125		}
126

neomerx / cors-psr7

Branch — develop (8213ca)

DefaultSettingsTrait A

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

1 Method

Duplication Side-by-Side

Filter issues like