]> BookStack Code Mirror - bookstack/blobdiff - app/Http/Middleware/ApplyCspRules.php
projects / bookstack / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
respective book and chapter structure added.
[bookstack] / app / Http / Middleware / ApplyCspRules.php
diff --git a/app/Http/Middleware/ApplyCspRules.php b/app/Http/Middleware/ApplyCspRules.php
index a65d12a05ca4bb54c2bb410d309a24a7882da921..9f3a8d1d84f157b69c95e8758e3f8b26f0d90d66 100644 (file)
--- a/app/Http/Middleware/ApplyCspRules.php
+++ b/app/Http/Middleware/ApplyCspRules.php
@@ -8,11 +8,7 @@ use Illuminate\Http\Request;
 
 class ApplyCspRules
 {
-
-    /**
-     * @var CspService
-     */
-    protected $cspService;
+    protected CspService $cspService;
 
     public function __construct(CspService $cspService)
     {
@@ -36,12 +32,9 @@ class ApplyCspRules
 
         $response = $next($request);
 
-        $this->cspService->setFrameAncestors($response);
-        $this->cspService->setScriptSrc($response);
-        $this->cspService->setObjectSrc($response);
-        $this->cspService->setBaseUri($response);
+        $cspHeader = $this->cspService->getCspHeader();
+        $response->headers->set('Content-Security-Policy', $cspHeader, false);
 
         return $response;
     }
-
 }
The core source code for the BookStack project.