Configure headers in response setup

mabar · mabar · commit 2663b51b032b · 2019-03-18T09:36:00.000+01:00
diff --git a/src/Bridges/HttpDI/HttpExtension.php b/src/Bridges/HttpDI/HttpExtension.php
@@ -10,7 +10,6 @@
 namespace Nette\Bridges\HttpDI;
 
 use Nette;
-use Nette\PhpGenerator\Helpers;
 
 
 /**
@@ -71,13 +70,9 @@ public function loadConfiguration()
 	}
 
 
-	public function afterCompile(Nette\PhpGenerator\ClassType $class)
+	public function beforeCompile()
 	{
-		if ($this->cliMode) {
-			return;
-		}
-
-		$initialize = $class->getMethod('initialize');
+		$builder = $this->getContainerBuilder();
 		$config = $this->getConfig();
 		$headers = array_map('strval', $config['headers']);
 
@@ -91,16 +86,14 @@ public function afterCompile(Nette\PhpGenerator\ClassType $class)
 			$headers['X-Frame-Options'] = $frames;
 		}
 
-		$code = [];
 		foreach (['csp', 'cspReportOnly'] as $key) {
 			if (empty($config[$key])) {
 				continue;
 			}
 			$value = self::buildPolicy($config[$key]);
 			if (strpos($value, "'nonce'")) {
-				$code[0] = '$cspNonce = base64_encode(random_bytes(16));';
 				$value = Nette\DI\ContainerBuilder::literal(
-					'str_replace(?, ? . $cspNonce, ?)',
+					'str_replace(?, ? . (isset($cspNonce) \? $cspNonce : $cspNonce = base64_encode(random_bytes(16))), ?)',
 					["'nonce", "'nonce-", $value]
 				);
 			}
@@ -111,16 +104,15 @@ public function afterCompile(Nette\PhpGenerator\ClassType $class)
 			$headers['Feature-Policy'] = self::buildPolicy($config['featurePolicy']);
 		}
 
-		$code[] = Helpers::formatArgs('$response = $this->getService(?);', [$this->prefix('response')]);
 		foreach ($headers as $key => $value) {
 			if ($value !== '') {
-				$code[] = Helpers::formatArgs('$response->setHeader(?, ?);', [$key, $value]);
+				$builder->getDefinition($this->prefix('response'))
+					->addSetup('?->setHeader(?, ?);', ['@self', $key, $value]);
 			}
 		}
 
-		$code[] = Helpers::formatArgs('$response->setCookie(...?);', [['nette-samesite', '1', 0, '/', null, null, true, 'Strict']]);
-
-		$initialize->addBody("(function () {\n\t" . implode("\n\t", $code) . "\n})();");
+		$builder->getDefinition($this->prefix('response'))
+			->addSetup('?->setCookie(...?)', ['@self', ['nette-samesite', '1', 0, '/', null, null, true, 'Strict']]);
 	}
 
 

Original file line number	Diff line number	Diff line change
`@@ -10,7 +10,6 @@`
`10`	`10`	`namespace Nette\Bridges\HttpDI;`
`11`	`11`
`12`	`12`	`use Nette;`
`13`		`-use Nette\PhpGenerator\Helpers;`
`14`	`13`
`15`	`14`
`16`	`15`	`/**`
`@@ -71,13 +70,9 @@ public function loadConfiguration()`
`71`	`70`	`}`
`72`	`71`
`73`	`72`
`74`		`- public function afterCompile(Nette\PhpGenerator\ClassType $class)`
	`73`	`+ public function beforeCompile()`
`75`	`74`	`{`
`76`		`- if ($this->cliMode) {`
`77`		`- return;`
`78`		`- }`
`79`		`-`
`80`		`- $initialize = $class->getMethod('initialize');`
	`75`	`+ $builder = $this->getContainerBuilder();`
`81`	`76`	`$config = $this->getConfig();`
`82`	`77`	`$headers = array_map('strval', $config['headers']);`
`83`	`78`
`@@ -91,16 +86,14 @@ public function afterCompile(Nette\PhpGenerator\ClassType $class)`
`91`	`86`	`$headers['X-Frame-Options'] = $frames;`
`92`	`87`	`}`
`93`	`88`
`94`		`- $code = [];`
`95`	`89`	`foreach (['csp', 'cspReportOnly'] as $key) {`
`96`	`90`	`if (empty($config[$key])) {`
`97`	`91`	`continue;`
`98`	`92`	`}`
`99`	`93`	`$value = self::buildPolicy($config[$key]);`
`100`	`94`	`if (strpos($value, "'nonce'")) {`
`101`		`- $code[0] = '$cspNonce = base64_encode(random_bytes(16));';`
`102`	`95`	`$value = Nette\DI\ContainerBuilder::literal(`
`103`		`- 'str_replace(?, ? . $cspNonce, ?)',`
	`96`	`+ 'str_replace(?, ? . (isset($cspNonce) \? $cspNonce : $cspNonce = base64_encode(random_bytes(16))), ?)',`
`104`	`97`	`["'nonce", "'nonce-", $value]`
`105`	`98`	`);`
`106`	`99`	`}`
`@@ -111,16 +104,15 @@ public function afterCompile(Nette\PhpGenerator\ClassType $class)`
`111`	`104`	`$headers['Feature-Policy'] = self::buildPolicy($config['featurePolicy']);`
`112`	`105`	`}`
`113`	`106`
`114`		`- $code[] = Helpers::formatArgs('$response = $this->getService(?);', [$this->prefix('response')]);`
`115`	`107`	`foreach ($headers as $key => $value) {`
`116`	`108`	`if ($value !== '') {`
`117`		`- $code[] = Helpers::formatArgs('$response->setHeader(?, ?);', [$key, $value]);`
	`109`	`+ $builder->getDefinition($this->prefix('response'))`
	`110`	`+ ->addSetup('?->setHeader(?, ?);', ['@self', $key, $value]);`
`118`	`111`	`}`
`119`	`112`	`}`
`120`	`113`
`121`		`- $code[] = Helpers::formatArgs('$response->setCookie(...?);', [['nette-samesite', '1', 0, '/', null, null, true, 'Strict']]);`
`122`		`-`
`123`		`- $initialize->addBody("(function () {\n\t" . implode("\n\t", $code) . "\n})();");`
	`114`	`+ $builder->getDefinition($this->prefix('response'))`
	`115`	`+ ->addSetup('?->setCookie(...?)', ['@self', ['nette-samesite', '1', 0, '/', null, null, true, 'Strict']]);`
`124`	`116`	`}`
`125`	`117`
`126`	`118`