nextcloud / server

apps/settings/lib/SetupChecks/SecurityHeaders.php

Spacing +9 added lines, -9 removed lines

@@ -50,7 +50,7 @@ 
 			'X-Permitted-Cross-Domain-Policies' => ['none', null],
 		];
 
-		foreach ($urls as [$verb,$url,$validStatuses]) {
+		foreach ($urls as [$verb, $url, $validStatuses]) {
 			$works = null;
 			foreach ($this->runRequest($verb, $url, ['httpErrors' => false]) as $response) {
 				// Check that the response status matches
@@ -65,9 +65,9 @@ 
 					$value = preg_replace('/,\s+/', ',', strtolower($response->getHeader($header)));
 					if ($value !== $expected) {
 						if ($accepted !== null && $value === $accepted) {
-							$msg .= $this->l10n->t('- The `%1$s` HTTP header is not set to `%2$s`. Some features might not work correctly, as it is recommended to adjust this setting accordingly.', [$header, $expected]) . "\n";
+							$msg .= $this->l10n->t('- The `%1$s` HTTP header is not set to `%2$s`. Some features might not work correctly, as it is recommended to adjust this setting accordingly.', [$header, $expected])."\n";
 						} else {
-							$msg .= $this->l10n->t('- The `%1$s` HTTP header is not set to `%2$s`. This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly.', [$header, $expected]) . "\n";
+							$msg .= $this->l10n->t('- The `%1$s` HTTP header is not set to `%2$s`. This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly.', [$header, $expected])."\n";
 						}
 					}
 				}
@@ -84,7 +84,7 @@ 
 							'strict-origin-when-cross-origin',
 							'same-origin',
 						]
-					) . "\n";
+					)."\n";
 					$msgParameters['w3c-recommendation'] = [
 						'type' => 'highlight',
 						'id' => 'w3c-recommendation',
@@ -96,19 +96,19 @@ 
 				$transportSecurityValidity = $response->getHeader('Strict-Transport-Security');
 				$minimumSeconds = 15552000;
 				if (preg_match('/^max-age=(\d+)(;.*)?$/', $transportSecurityValidity, $m)) {
-					$transportSecurityValidity = (int)$m[1];
+					$transportSecurityValidity = (int) $m[1];
 					if ($transportSecurityValidity < $minimumSeconds) {
-						$msg .= $this->l10n->t('- The `Strict-Transport-Security` HTTP header is not set to at least `%d` seconds (current value: `%d`). For enhanced security, it is recommended to use a long HSTS policy.', [$minimumSeconds, $transportSecurityValidity]) . "\n";
+						$msg .= $this->l10n->t('- The `Strict-Transport-Security` HTTP header is not set to at least `%d` seconds (current value: `%d`). For enhanced security, it is recommended to use a long HSTS policy.', [$minimumSeconds, $transportSecurityValidity])."\n";
 					}
 				} elseif (!empty($transportSecurityValidity)) {
-					$msg .= $this->l10n->t('- The `Strict-Transport-Security` HTTP header is malformed: `%s`. For enhanced security, it is recommended to enable HSTS.', [$transportSecurityValidity]) . "\n";
+					$msg .= $this->l10n->t('- The `Strict-Transport-Security` HTTP header is malformed: `%s`. For enhanced security, it is recommended to enable HSTS.', [$transportSecurityValidity])."\n";
 				} else {
-					$msg .= $this->l10n->t('- The `Strict-Transport-Security` HTTP header is not set (should be at least `%d` seconds). For enhanced security, it is recommended to enable HSTS.', [$minimumSeconds]) . "\n";
+					$msg .= $this->l10n->t('- The `Strict-Transport-Security` HTTP header is not set (should be at least `%d` seconds). For enhanced security, it is recommended to enable HSTS.', [$minimumSeconds])."\n";
 				}
 
 				if (!empty($msg)) {
 					return SetupResult::warning(
-						$this->l10n->t('Some headers are not set correctly on your instance') . "\n" . $msg,
+						$this->l10n->t('Some headers are not set correctly on your instance')."\n".$msg,
 						$this->urlGenerator->linkToDocs('admin-security'),
 						$msgParameters,
 					);