Refactoring: added controlled middleware and changed response class
This commit is contained in:
Frederic Guillot
44
app/Middleware/BootstrapMiddleware.php
Normal file
44
app/Middleware/BootstrapMiddleware.php
Normal file
@@ -0,0 +1,44 @@
|
||||
<?php
|
||||
|
||||
namespace Kanboard\Middleware;
|
||||
|
||||
use Kanboard\Core\Controller\BaseMiddleware;
|
||||
|
||||
/**
|
||||
* Class BootstrapMiddleware
|
||||
*
|
||||
* @package Kanboard\Middleware
|
||||
* @author Frederic Guillot
|
||||
*/
|
||||
class BootstrapMiddleware extends BaseMiddleware
|
||||
{
|
||||
/**
|
||||
* Execute middleware
|
||||
*/
|
||||
public function execute()
|
||||
{
|
||||
$this->sessionManager->open();
|
||||
$this->dispatcher->dispatch('app.bootstrap');
|
||||
$this->sendHeaders();
|
||||
$this->next();
|
||||
}
|
||||
|
||||
/**
|
||||
* Send HTTP headers
|
||||
*
|
||||
* @access private
|
||||
*/
|
||||
private function sendHeaders()
|
||||
{
|
||||
$this->response->withContentSecurityPolicy($this->container['cspRules']);
|
||||
$this->response->withSecurityHeaders();
|
||||
|
||||
if (ENABLE_XFRAME && $this->router->getAction() !== 'readonly') {
|
||||
$this->response->withXframe();
|
||||
}
|
||||
|
||||
if (ENABLE_HSTS) {
|
||||
$this->response->withStrictTransportSecurity();
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user