extern/2FAuth
1
0
Fork 0
mirror of https://github.com/Bubka/2FAuth.git synced 2025-01-24 07:08:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
8411f5b69d
2FAuth/app/Http/Middleware/AddContentSecurityPolicyHeaders.php
Bubka fd695c7765 Update CSP
2024-11-17 22:57:15 +01:00

30 lines
840 B
PHP
Raw Blame History

<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Vite;
use Symfony\Component\HttpFoundation\Response;
class AddContentSecurityPolicyHeaders
{
/**
* Handle an incoming request.
*
* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
*/
public function handle(Request $request, Closure $next) : Response
{
if (config('2fauth.config.contentSecurityPolicy')) {
Vite::useCspNonce();
return $next($request)->withHeaders([
'Content-Security-Policy' => "script-src 'nonce-" . Vite::cspNonce() . "';style-src 'self' 'unsafe-inline';connect-src 'self';img-src 'self' data:;object-src 'none';",
]);
}
return $next($request);
}
}
Reference in New Issue View Git Blame Copy Permalink