ClickjackProtectionSubscriber::__construct()   A
last analyzed

Complexity

Conditions 1
Paths 1

Size

Total Lines 2
Code Lines 0

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 1
eloc 0
nc 1
nop 1
dl 0
loc 2
rs 10
c 0
b 0
f 0
<?php
declare(strict_types=1);
/*
 * This file is part of the Zikula package.
 *
 * Copyright Zikula - https://ziku.la/
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */
namespace Zikula\CoreBundle\EventSubscriber;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpKernel\Event\ResponseEvent;
use Symfony\Component\HttpKernel\KernelEvents;
/**
 * Sets the X-Frame-Options response header to prevent clickjacking attacks; also sets the legacy X-XSS-Protection header.
 *
 * Consider https://github.com/nelmio/NelmioSecurityBundle for a future major release refs #3646
 */
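class ClickjackProtectionSubscriber implements EventSubscriberInterface
{
    /**
     * @param string $xFrameOptions Value sent verbatim as the X-Frame-Options header.
     *                              It is not validated in this class; browsers only honour
     *                              DENY and SAMEORIGIN (ALLOW-FROM is obsolete), so any
     *                              other configured value gives no framing protection.
     */
    public function __construct(private readonly string $xFrameOptions)
    {
    }

    /**
     * Registers onKernelResponse on the kernel response event.
     *
     * Priority -99 places this listener after the default-priority response
     * listeners, so the headers are applied late in response processing.
     */
    public static function getSubscribedEvents(): array
    {
        return [
            KernelEvents::RESPONSE => ['onKernelResponse', -99],
        ];
    }

    /**
     * Sets the framing-policy and XSS-auditor headers on the main request's response.
     *
     * Sub-request responses are skipped because their headers are not sent to the browser.
     */
    public function onKernelResponse(ResponseEvent $event): void
    {
        if (!$event->isMainRequest()) {
            return;
        }

        $headers = $event->getResponse()->headers;

        // set() replaces a value put on the response earlier, so a controller cannot
        // relax the configured framing policy from its own response.
        // NOTE(review): X-Frame-Options is the legacy control; its standardised successor,
        // the CSP frame-ancestors directive, is not emitted by this subscriber.
        $headers->set('X-Frame-Options', $this->xFrameOptions);

        // '1' switched the legacy browser XSS auditor on in filter mode. Current browsers
        // ignore the header, and in the old browsers that honour it the filter can be made
        // to strip legitimate scripts from a page. '0' disables the auditor explicitly;
        // XSS defence belongs in output encoding and a Content-Security-Policy.
        $headers->set('X-XSS-Protection', '0');
    }
}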