Skip to content

Commit

Permalink
Move response configuration from initialize method to response service
Browse files Browse the repository at this point in the history
  • Loading branch information
@mabar
mabar committed Jul 6, 2019
1 parent 9901e0f commit 4b12bd5
Show file tree
Hide file tree
Showing 6 changed files with 16 additions and 19 deletions.
19 changes: 8 additions & 11 deletions src/Bridges/HttpDI/HttpExtension.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@
namespace Nette\Bridges\HttpDI;

use Nette;
use Nette\PhpGenerator\Helpers;
use Nette\Schema\Expect;


Expand Down Expand Up @@ -76,13 +75,13 @@ public function loadConfiguration()
}


public function afterCompile(Nette\PhpGenerator\ClassType $class)
public function beforeCompile()
{
if ($this->cliMode) {
return;
}

$initialize = $class->getMethod('initialize');
$builder = $this->getContainerBuilder();
$config = $this->config;
$headers = array_map('strval', $config->headers);

Expand All @@ -96,16 +95,14 @@ public function afterCompile(Nette\PhpGenerator\ClassType $class)
$headers['X-Frame-Options'] = $frames;
}

$code = [];
foreach (['csp', 'cspReportOnly'] as $key) {
if (empty($config->$key)) {
continue;
}
$value = self::buildPolicy($config->$key);
if (strpos($value, "'nonce'")) {
$code[0] = '$cspNonce = base64_encode(random_bytes(16));';
$value = Nette\DI\ContainerBuilder::literal(
'str_replace(?, ? . $cspNonce, ?)',
'str_replace(?, ? . (isset($cspNonce) \? $cspNonce : $cspNonce = base64_encode(random_bytes(16))), ?)',
["'nonce", "'nonce-", $value]
);
}
Expand All @@ -116,16 +113,16 @@ public function afterCompile(Nette\PhpGenerator\ClassType $class)
$headers['Feature-Policy'] = self::buildPolicy($config->featurePolicy);
}

$code[] = Helpers::formatArgs('$response = $this->getService(?);', [$this->prefix('response')]);
$response = $builder->getDefinition($this->prefix('response'));
assert($response instanceof Nette\DI\Definitions\ServiceDefinition);

foreach ($headers as $key => $value) {
if ($value !== '') {
$code[] = Helpers::formatArgs('$response->setHeader(?, ?);', [$key, $value]);
$response->addSetup('?->setHeader(?, ?);', ['@self', $key, $value]);
}
}

$code[] = Helpers::formatArgs('$response->setCookie(...?);', [['nette-samesite', '1', 0, '/', null, null, true, 'Strict']]);

$initialize->addBody("(function () {\n\t" . implode("\n\t", $code) . "\n})();");
$response->addSetup('?->setCookie(...?)', ['@self', ['nette-samesite', '1', 0, '/', null, null, true, 'Strict']]);
}


Expand Down
4 changes: 2 additions & 2 deletions tests/Http.DI/HttpExtension.csp.phpt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ EOD
eval($compiler->addConfig($config)->compile());

$container = new Container;
$container->initialize();
$container->getService('http.response');

$headers = headers_list();

Expand All @@ -59,5 +59,5 @@ echo ' '; @ob_flush(); flush();
Assert::true(headers_sent());

Assert::exception(function () use ($container) {
$container->initialize();
$container->createService('http.response');
}, Nette\InvalidStateException::class, 'Cannot send header after %a%');
2 changes: 1 addition & 1 deletion tests/Http.DI/HttpExtension.defaultHeaders.phpt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ $compiler->addExtension('http', new HttpExtension);
eval($compiler->compile());

$container = new Container;
$container->initialize();
$container->getService('http.response');

$headers = headers_list();
Assert::contains('X-Frame-Options: SAMEORIGIN', $headers);
Expand Down
4 changes: 2 additions & 2 deletions tests/Http.DI/HttpExtension.featurePolicy.phpt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ EOD
eval($compiler->addConfig($config)->compile());

$container = new Container;
$container->initialize();
$container->getService('http.response');

$headers = headers_list();
var_dump($headers);
Expand All @@ -48,5 +48,5 @@ echo ' '; @ob_flush(); flush();
Assert::true(headers_sent());

Assert::exception(function () use ($container) {
$container->initialize();
$container->createService('http.response');
}, Nette\InvalidStateException::class, 'Cannot send header after %a%');
4 changes: 2 additions & 2 deletions tests/Http.DI/HttpExtension.headers.phpt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ EOD
eval($compiler->addConfig($config)->compile());

$container = new Container;
$container->initialize();
$container->getService('http.response');

$headers = headers_list();
Assert::contains('X-Frame-Options: SAMEORIGIN', $headers);
Expand All @@ -49,5 +49,5 @@ echo ' '; @ob_flush(); flush();
Assert::true(headers_sent());

Assert::exception(function () use ($container) {
$container->initialize();
$container->createService('http.response');
}, Nette\InvalidStateException::class, 'Cannot send header after %a%');
2 changes: 1 addition & 1 deletion tests/Http.DI/HttpExtension.sameSiteProtection.phpt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ $compiler->addExtension('http', new HttpExtension);
eval($compiler->compile());

$container = new Container;
$container->initialize();
$container->getService('http.response');

$headers = headers_list();
Assert::contains(
Expand Down

0 comments on commit 4b12bd5

Please sign in to comment.