Update dependencies, and set a more locked-down content security policy
This commit is contained in:
parent
ac13d57634
commit
921d594931
@ -21,7 +21,7 @@
|
|||||||
"aura/router": "^3.0",
|
"aura/router": "^3.0",
|
||||||
"aura/session": "^2.0",
|
"aura/session": "^2.0",
|
||||||
"aviat/banker": "^1.0.0",
|
"aviat/banker": "^1.0.0",
|
||||||
"aviat/ion": "^2.0.0",
|
"aviat/ion": "^2.1.0",
|
||||||
"monolog/monolog": "^1.0",
|
"monolog/monolog": "^1.0",
|
||||||
"psr/http-message": "~1.0",
|
"psr/http-message": "~1.0",
|
||||||
"psr/log": "~1.0",
|
"psr/log": "~1.0",
|
||||||
@ -37,7 +37,7 @@
|
|||||||
"phploc/phploc": "^3.0",
|
"phploc/phploc": "^3.0",
|
||||||
"phpmd/phpmd": "^2.4",
|
"phpmd/phpmd": "^2.4",
|
||||||
"phpunit/phpunit": "^6.0",
|
"phpunit/phpunit": "^6.0",
|
||||||
"robmorgan/phinx": "~0.6.4",
|
"robmorgan/phinx": "^0.8.0",
|
||||||
"consolidation/robo": "~1.0",
|
"consolidation/robo": "~1.0",
|
||||||
"henrikbjorn/lurker": "^1.1.0",
|
"henrikbjorn/lurker": "^1.1.0",
|
||||||
"symfony/var-dumper": "^3.2",
|
"symfony/var-dumper": "^3.2",
|
||||||
|
@ -239,6 +239,13 @@ class Controller {
|
|||||||
*/
|
*/
|
||||||
protected function renderFullPage($view, string $template, array $data)
|
protected function renderFullPage($view, string $template, array $data)
|
||||||
{
|
{
|
||||||
|
$csp = [
|
||||||
|
"default-src 'self'",
|
||||||
|
"object-src 'none'",
|
||||||
|
"child-src 'none'",
|
||||||
|
];
|
||||||
|
|
||||||
|
$view->addHeader('Content-Security-Policy', implode('; ', $csp));
|
||||||
$view->appendOutput($this->loadPartial($view, 'header', $data));
|
$view->appendOutput($this->loadPartial($view, 'header', $data));
|
||||||
|
|
||||||
if (array_key_exists('message', $data) && is_array($data['message']))
|
if (array_key_exists('message', $data) && is_array($data['message']))
|
||||||
|
Loading…
Reference in New Issue
Block a user