View GitHub Repository laravel-csp

Schedule Inspection
Subscribe
Completed
Push — master ( c3e3fb...ceffe8 )
by Thomas
01:50
created

AddCspHeaders::getPolicies()   B

↳ Parent: AddCspHeaders

Complexity

Conditions 4
Paths 5

Size

Total Lines 28
Code Lines 14

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 4
eloc 14
nc 5
nop 1
dl 0
loc 28
rs 8.5806
c 0
b 0
f 0
1 
<?php
2 

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    3
                

                                    
                                                    
                
                
                
namespace Spatie\Csp;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    4
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    5
                

                                    
                                                    
                
                
                
use Closure;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    6
                

                                    
                                                    
                
                
                
use Illuminate\Http\Request;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    7
                

                                    
                                                    
                
                
                
use Illuminate\Support\Collection;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    8
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    9
                

                                    
                                                    
                
                
                
class AddCspHeaders

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    10
                

                                    
                                                    
                
                
                
{

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    11
                

                                    
                                                    
                
                
                
    public function handle(Request $request, Closure $next, $customPolicyClass = null)

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    12
                

                                    
                                                    
                
                
                
    {

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    13
                

                                    
                                                    
                
                
                
        $response = $next($request);

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    14
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    15
                

                                    
                                                    
                
                
                
        $this

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    16
                

                                    
                                                    
                
                
                
            ->getPolicies($customPolicyClass)

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    17
                

                                    
                                                    
                
                
                
            ->filter->shouldBeApplied($request, $response)

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    18
                

                                    
                                                    
                
                
                
            ->each->applyTo($response);

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    19
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    20
                

                                    
                                                    
                
                
                
        return $response;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    21
                

                                    
                                                    
                
                
                
    }

            


            
                                                                                                            
                                                                
            
                                    
            
            

                
                    22
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    23
                

                                    
                                                    
                
                
                
    protected function getPolicies(string $customPolicyClass = null): Collection

            


            
                                                        
            
                                    
            
            

                
                    24
                

                                    
                                                    
                
                
                
    {

            


            
                                                        
            
                                    
            
            

                
                    25
                

                                    
                                                    
                
                
                
        $policies = collect();

            


            
                                                        
            
                                    
            
            

                
                    26
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    27
                

                                    
                                                    
                
                
                
        if ($customPolicyClass) {

            


                            

                    
                        
                    
                    
                    
                    
                                                                                                    
                        

                            
                            
0 ignored issues
show
                        


                        

                                                                                        




    

        
            Bug
            Best Practice
    
    
    
        introduced 
                            by 
            

        

        

            
        

        

            

                

                    
                
                
            


        

    

    

        
                        

                            
                                
                            
                        

                                        
The expression $customPolicyClass of type null|string is loosely compared to true; this is ambiguous if the string can be empty. You might want to explicitly use !== null instead.
                                                                                                                                                                                                                                                            

                    
                                            

                            

                            

                                
                                    
                                
                            


                            
In PHP, under loose comparison (like ==, or !=, or switch conditions),
values of different types might be equal.


For string values, the empty string '' is a special case, in particular
the following results might be unexpected:


''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false





                        

                                                    

                     Loading history...
                

                    


    




                                                                                    


                    		
                

            
                                                        
            
                                    
            
            

                
                    28
                

                                    
                                                    
                
                
                
            $policies->push(PolicyFactory::create($customPolicyClass));

            


            
                                                        
            
                                    
            
            

                
                    29
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    30
                

                                    
                                                    
                
                
                
            return $policies;

            


            
                                                        
            
                                    
            
            

                
                    31
                

                                    
                                                    
                
                
                
        }

            


            
                                                        
            
                                    
            
            

                
                    32
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    33
                

                                    
                                                    
                
                
                
        $policyClass = config('csp.policy');

            


            
                                                        
            
                                    
            
            

                
                    34
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    35
                

                                    
                                                    
                
                
                
        if (! empty($policyClass)) {

            


            
                                                        
            
                                    
            
            

                
                    36
                

                                    
                                                    
                
                
                
            $policies->push(PolicyFactory::create($policyClass));

            


            
                                                        
            
                                    
            
            

                
                    37
                

                                    
                                                    
                
                
                
        }

            


            
                                                        
            
                                    
            
            

                
                    38
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    39
                

                                    
                                                    
                
                
                
        $reportOnlyPolicyClass = config('csp.report_only_policy');

            


            
                                                        
            
                                    
            
            

                
                    40
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    41
                

                                    
                                                    
                
                
                
        if (! empty($reportOnlyPolicyClass)) {

            


            
                                                        
            
                                    
            
            

                
                    42
                

                                    
                                                    
                
                
                
            $policy = PolicyFactory::create($reportOnlyPolicyClass);

            


            
                                                        
            
                                    
            
            

                
                    43
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    44
                

                                    
                                                    
                
                
                
            $policy->reportOnly();

            


            
                                                        
            
                                    
            
            

                
                    45
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    46
                

                                    
                                                    
                
                
                
            $policies->push($policy);

            


            
                                                        
            
                                    
            
            

                
                    47
                

                                    
                                                    
                
                
                
        }

            


            
                                                        
            
                                    
            
            

                
                    48
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    49
                

                                    
                                                    
                
                
                
        return $policies;

            


            
                                                        
            
                                    
            
            

                
                    50
                

                                    
                                                    
                
                
                
    }

            


            
                                                        
            
                                    
            
            

                
                    51
                

                                    
                                                    
                
                
                
}

            


            
                                                        
            
                                    
            
            

                
                    52