Configure headers in response setup

mabar · mabar · commit c23f7b6d1814 · 2019-03-25T19:28:03.000+01:00
diff --git a/src/Bridges/HttpDI/HttpExtension.php b/src/Bridges/HttpDI/HttpExtension.php
@@ -10,8 +10,6 @@
 namespace Nette\Bridges\HttpDI;
 
 use Nette;
-use Nette\PhpGenerator\Helpers;
-
 
 /**
  * HTTP extension for Nette DI.
@@ -71,13 +69,13 @@ public function loadConfiguration()
 	}
 
 
-	public function afterCompile(Nette\PhpGenerator\ClassType $class)
+	public function beforeCompile()
 	{
 		if ($this->cliMode) {
 			return;
 		}
 
-		$initialize = $class->getMethod('initialize');
+		$builder = $this->getContainerBuilder();
 		$config = $this->getConfig();
 		$headers = array_map('strval', $config['headers']);
 
@@ -91,16 +89,14 @@ public function afterCompile(Nette\PhpGenerator\ClassType $class)
 			$headers['X-Frame-Options'] = $frames;
 		}
 
-		$code = [];
 		foreach (['csp', 'cspReportOnly'] as $key) {
 			if (empty($config[$key])) {
 				continue;
 			}
 			$value = self::buildPolicy($config[$key]);
 			if (strpos($value, "'nonce'")) {
-				$code[0] = '$cspNonce = base64_encode(random_bytes(16));';
 				$value = Nette\DI\ContainerBuilder::literal(
-					'str_replace(?, ? . $cspNonce, ?)',
+					'str_replace(?, ? . (isset($cspNonce) \? $cspNonce : $cspNonce = base64_encode(random_bytes(16))), ?)',
 					["'nonce", "'nonce-", $value]
 				);
 			}
@@ -111,16 +107,15 @@ public function afterCompile(Nette\PhpGenerator\ClassType $class)
 			$headers['Feature-Policy'] = self::buildPolicy($config['featurePolicy']);
 		}
 
-		$code[] = Helpers::formatArgs('$response = $this->getService(?);', [$this->prefix('response')]);
 		foreach ($headers as $key => $value) {
 			if ($value !== '') {
-				$code[] = Helpers::formatArgs('$response->setHeader(?, ?);', [$key, $value]);
+				$builder->getDefinition($this->prefix('response'))
+					->addSetup('?->setHeader(?, ?);', ['@self', $key, $value]);
 			}
 		}
 
-		$code[] = Helpers::formatArgs('$response->setCookie(...?);', [['nette-samesite', '1', 0, '/', null, null, true, 'Strict']]);
-
-		$initialize->addBody("(function () {\n\t" . implode("\n\t", $code) . "\n})();");
+		$builder->getDefinition($this->prefix('response'))
+			->addSetup('?->setCookie(...?)', ['@self', ['nette-samesite', '1', 0, '/', null, null, true, 'Strict']]);
 	}
 
 

Original file line number	Diff line number	Diff line change
`@@ -10,8 +10,6 @@`
`10`	`10`	`namespace Nette\Bridges\HttpDI;`
`11`	`11`
`12`	`12`	`use Nette;`
`13`		`-use Nette\PhpGenerator\Helpers;`
`14`		`-`
`15`	`13`
`16`	`14`	`/**`
`17`	`15`	`* HTTP extension for Nette DI.`
`@@ -71,13 +69,13 @@ public function loadConfiguration()`
`71`	`69`	`}`
`72`	`70`
`73`	`71`
`74`		`- public function afterCompile(Nette\PhpGenerator\ClassType $class)`
	`72`	`+ public function beforeCompile()`
`75`	`73`	`{`
`76`	`74`	`if ($this->cliMode) {`
`77`	`75`	`return;`
`78`	`76`	`}`
`79`	`77`
`80`		`- $initialize = $class->getMethod('initialize');`
	`78`	`+ $builder = $this->getContainerBuilder();`
`81`	`79`	`$config = $this->getConfig();`
`82`	`80`	`$headers = array_map('strval', $config['headers']);`
`83`	`81`
`@@ -91,16 +89,14 @@ public function afterCompile(Nette\PhpGenerator\ClassType $class)`
`91`	`89`	`$headers['X-Frame-Options'] = $frames;`
`92`	`90`	`}`
`93`	`91`
`94`		`- $code = [];`
`95`	`92`	`foreach (['csp', 'cspReportOnly'] as $key) {`
`96`	`93`	`if (empty($config[$key])) {`
`97`	`94`	`continue;`
`98`	`95`	`}`
`99`	`96`	`$value = self::buildPolicy($config[$key]);`
`100`	`97`	`if (strpos($value, "'nonce'")) {`
`101`		`- $code[0] = '$cspNonce = base64_encode(random_bytes(16));';`
`102`	`98`	`$value = Nette\DI\ContainerBuilder::literal(`
`103`		`- 'str_replace(?, ? . $cspNonce, ?)',`
	`99`	`+ 'str_replace(?, ? . (isset($cspNonce) \? $cspNonce : $cspNonce = base64_encode(random_bytes(16))), ?)',`
`104`	`100`	`["'nonce", "'nonce-", $value]`
`105`	`101`	`);`
`106`	`102`	`}`
`@@ -111,16 +107,15 @@ public function afterCompile(Nette\PhpGenerator\ClassType $class)`
`111`	`107`	`$headers['Feature-Policy'] = self::buildPolicy($config['featurePolicy']);`
`112`	`108`	`}`
`113`	`109`
`114`		`- $code[] = Helpers::formatArgs('$response = $this->getService(?);', [$this->prefix('response')]);`
`115`	`110`	`foreach ($headers as $key => $value) {`
`116`	`111`	`if ($value !== '') {`
`117`		`- $code[] = Helpers::formatArgs('$response->setHeader(?, ?);', [$key, $value]);`
	`112`	`+ $builder->getDefinition($this->prefix('response'))`
	`113`	`+ ->addSetup('?->setHeader(?, ?);', ['@self', $key, $value]);`
`118`	`114`	`}`
`119`	`115`	`}`
`120`	`116`
`121`		`- $code[] = Helpers::formatArgs('$response->setCookie(...?);', [['nette-samesite', '1', 0, '/', null, null, true, 'Strict']]);`
`122`		`-`
`123`		`- $initialize->addBody("(function () {\n\t" . implode("\n\t", $code) . "\n})();");`
	`117`	`+ $builder->getDefinition($this->prefix('response'))`
	`118`	`+ ->addSetup('?->setCookie(...?)', ['@self', ['nette-samesite', '1', 0, '/', null, null, true, 'Strict']]);`
`124`	`119`	`}`
`125`	`120`
`126`	`121`