diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/Minz/ActionController.php | 3 | ||||
| -rw-r--r-- | lib/Minz/Extension.php | 16 |
2 files changed, 19 insertions, 0 deletions
diff --git a/lib/Minz/ActionController.php b/lib/Minz/ActionController.php index 809a52337..12f14b0f4 100644 --- a/lib/Minz/ActionController.php +++ b/lib/Minz/ActionController.php @@ -99,6 +99,9 @@ abstract class Minz_ActionController { */ public function declareCspHeader(): void { $policies = []; + foreach (Minz_ExtensionManager::listExtensions(true) as $extension) { + $extension->amendCsp($this->csp_policies); + } foreach ($this->csp_policies as $directive => $sources) { $policies[] = $directive . ' ' . $sources; } diff --git a/lib/Minz/Extension.php b/lib/Minz/Extension.php index 206892bf9..15fae77a6 100644 --- a/lib/Minz/Extension.php +++ b/lib/Minz/Extension.php @@ -26,6 +26,9 @@ abstract class Minz_Extension { private bool $is_enabled; + /** @var string[] */ + protected array $csp_policies = []; + /** * The constructor to assign specific information to the extension. * @@ -390,4 +393,17 @@ abstract class Minz_Extension { unlink($path); } } + + /** + * @param string[] $policies + */ + public function amendCsp(array &$policies): void { + foreach ($this->csp_policies as $policy => $source) { + if (array_key_exists($policy, $policies)) { + $policies[$policy] .= ' ' . $source; + } else { + $policies[$policy] = $source; + } + } + } } |