Skip to content

Commit ba76cc5

Browse files
StanBarrowsStanBarrows
authored
Merge pull request #10 from codebar-ag/main
main/production
2 parents 2757d86 + 1bfec8c commit ba76cc5

18 files changed

+160
-1913
lines changed

app/Enums/EnvironmentEnum.php

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2,9 +2,7 @@
22

33
namespace App\Enums;
44

5-
use Filament\Support\Contracts\HasLabel;
6-
7-
enum EnvironmentEnum: string implements HasLabel
5+
enum EnvironmentEnum: string
86
{
97
case LOCAL = 'local';
108
case STAGING = 'staging';

app/Enums/GuardEnum.php

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2,9 +2,7 @@
22

33
namespace App\Enums;
44

5-
use Filament\Support\Contracts\HasLabel;
6-
7-
enum GuardEnum: string implements HasLabel
5+
enum GuardEnum: string
86
{
97
case WEB = 'web';
108

app/Enums/LocaleEnum.php

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2,9 +2,7 @@
22

33
namespace App\Enums;
44

5-
use Filament\Support\Contracts\HasLabel;
6-
7-
enum LocaleEnum: string implements HasLabel
5+
enum LocaleEnum: string
86
{
97
case DE = 'de_CH';
108
case EN = 'en_CH';

app/Enums/RoleEnum.php

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2,9 +2,7 @@
22

33
namespace App\Enums;
44

5-
use Filament\Support\Contracts\HasLabel;
6-
7-
enum RoleEnum: string implements HasLabel
5+
enum RoleEnum: string
86
{
97
case ADMINISTRATOR = 'administrator';
108
case USER = 'user';

app/Enums/SessionKeyEnum.php

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2,9 +2,7 @@
22

33
namespace App\Enums;
44

5-
use Filament\Support\Contracts\HasLabel;
6-
7-
enum SessionKeyEnum: string implements HasLabel
5+
enum SessionKeyEnum: string
86
{
97
case LANGUAGE = 'language';
108

app/Http/Middleware/AddContentSecurityPolicyHeaders.php

Lines changed: 0 additions & 16 deletions
This file was deleted.

app/Http/Middleware/AddReferrerPolicyMiddleware.php

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
<?php
2+
3+
namespace App\Http\Middleware;
4+
5+
use Closure;
6+
use Illuminate\Http\Request;
7+
use Symfony\Component\HttpFoundation\Response;
8+
9+
class AddReferrerPolicyMiddleware
10+
{
11+
public function handle(Request $request, Closure $next): Response
12+
{
13+
/** @var \Symfony\Component\HttpFoundation\Response $response */
14+
$response = $next($request);
15+
16+
$response->headers->set('Referrer-Policy', 'strict-origin-when-cross-origin');
17+
18+
return $response;
19+
}
20+
}

app/Security/Presets/MyCspPreset.php

Lines changed: 28 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -13,28 +13,43 @@ public function configure(Policy $policy): void
1313
{
1414
$policy->add(Directive::BASE, Keyword::SELF);
1515

16-
$policy->add(Directive::CONNECT, Keyword::SELF);
1716
$policy->add(Directive::DEFAULT, Keyword::SELF);
18-
$policy->add(Directive::FONT, Keyword::SELF);
19-
$policy->add(Directive::FORM_ACTION, Keyword::SELF);
20-
$policy->add(Directive::IMG, [
17+
18+
$policy->add(Directive::SCRIPT, [
2119
Keyword::SELF,
22-
'data:',
20+
'cdn.usefathom.com',
21+
'cdn-eu.usefathom.com',
2322
]);
24-
$policy->add(Directive::MEDIA, Keyword::SELF);
25-
$policy->add(Directive::OBJECT, Keyword::NONE);
2623

27-
$policy->add(Directive::SCRIPT, Keyword::SELF);
24+
$policy->add(Directive::SCRIPT_ELEM, [
25+
Keyword::SELF,
26+
'cdn.usefathom.com',
27+
'cdn-eu.usefathom.com',
28+
]);
2829

2930
$policy->add(Directive::STYLE, [
3031
Keyword::SELF,
3132
Keyword::UNSAFE_INLINE,
3233
]);
3334

34-
// Fathom Analytics
35-
$policy->add(Directive::SCRIPT, 'cdn.usefathom.com');
36-
$policy->add(Directive::CONNECT, 'cdn.usefathom.com');
37-
$policy->add(Directive::SCRIPT, 'cdn-eu.usefathom.com');
38-
$policy->add(Directive::CONNECT, 'cdn-eu.usefathom.com');
35+
$policy->add(Directive::STYLE_ELEM, [
36+
Keyword::SELF,
37+
Keyword::UNSAFE_INLINE,
38+
]);
39+
40+
$policy->add(Directive::IMG, [
41+
Keyword::SELF,
42+
'data:',
43+
]);
44+
45+
$policy->add(Directive::FONT, Keyword::SELF);
46+
$policy->add(Directive::FORM_ACTION, Keyword::SELF);
47+
$policy->add(Directive::MEDIA, Keyword::SELF);
48+
$policy->add(Directive::OBJECT, Keyword::NONE);
49+
$policy->add(Directive::CONNECT, [
50+
Keyword::SELF,
51+
'cdn.usefathom.com',
52+
'cdn-eu.usefathom.com',
53+
]);
3954
}
4055
}

bootstrap/app.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
<?php
22

3-
use App\Http\Middleware\AddContentSecurityPolicyHeaders;
3+
use App\Http\Middleware\AddReferrerPolicyMiddleware;
44
use App\Http\Middleware\SetLanguage;
55
use App\Providers\AppServiceProvider;
66
use App\Providers\EventServiceProvider;
@@ -25,7 +25,7 @@
2525
->withMiddleware(function (Middleware $middleware) {
2626
$middleware->web(append: [
2727
AddCspHeaders::class,
28-
// AddContentSecurityPolicyHeaders::class,
28+
AddReferrerPolicyMiddleware::class,
2929
AddFeaturePolicyHeaders::class,
3030
SetLanguage::class,
3131
CacheResponse::class,

composer.json

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,11 +10,9 @@
1010
"require": {
1111
"php": "^8.4",
1212
"codebar-ag/laravel-flysystem-cloudinary": "^v12.0.1",
13-
"filament/filament": "^3.3",
1413
"laravel/framework": "^v12.1.1",
1514
"laravel/tinker": "^2.10.1",
1615
"league/flysystem-aws-s3-v3": "^3.28",
17-
"livewire/livewire": "^3.5",
1816
"mazedlx/laravel-feature-policy": "^2.2",
1917
"sammyjo20/lasso": "3.4.0",
2018
"spatie/laravel-csp": "^3.8",
@@ -38,7 +36,6 @@
3836
"pestphp/pest-plugin-arch": "^3.0",
3937
"pestphp/pest-plugin-faker": "^3.0",
4038
"pestphp/pest-plugin-laravel": "^3.1",
41-
"pestphp/pest-plugin-livewire": "^3.1",
4239
"pestphp/pest-plugin-type-coverage": "^3.3",
4340
"phpstan/extension-installer": "^1.4.3",
4441
"phpstan/phpstan": "2.1.6",

0 commit comments

Comments
 (0)