public function addSource(string $directive, string $path) : self { switch ($directive) { case 'child': case 'frame': case 'frame-src': if ($this->supportOldBrowsers) { $this->policies['child-src']['allow'][] = $path; $this->policies['frame-src']['allow'][] = $path; return $this; } $directive = 'child-src'; break; case 'connect': case 'socket': case 'websocket': $directive = 'connect-src'; break; case 'font': case 'fonts': $directive = 'font-src'; break; case 'form': case 'forms': $directive = 'form-action'; break; case 'ancestor': case 'parent': $directive = 'frame-ancestors'; break; case 'img': case 'image': case 'image-src': $directive = 'img-src'; break; case 'media': $directive = 'media-src'; break; case 'object': $directive = 'object-src'; break; case 'js': case 'javascript': case 'script': case 'scripts': $directive = 'script-src'; break; case 'style': case 'css': case 'css-src': $directive = 'style-src'; break; } $this->policies[$directive]['allow'][] = $path; return $this; }
/** * Add a source to our allow whitelist. * * @param string $directive * @param string $path * * @return self */ public function addSource($directive, $path) { $this->csp->addSource($directive, $path); return $this; }