承接 fyre/csp 相关项目开发

从需求分析到上线部署,全程专人跟进,保证项目质量与交付效率

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

fyre/csp

Composer 安装命令:

composer require fyre/csp

包简介

A content security policy library.

README 文档

README

FyreCSP is a free, open-source content security policy library for PHP.

Table Of Contents

Installation

Using Composer

composer require fyre/csp

In PHP:

use Fyre\Security\ContentSecurityPolicy;

Basic Usage

$csp = new ContentSecurityPolicy($config);

Default configuration options will be resolved from the "Csp" key in the Config.

  • $options is an array containing configuration options.
    • default is an array containing the policy directives, and will default to [].
    • report is an array containing the report-only directives, and will default to null.
    • reportTo is an array containing the Report-To header value, and will default to [].
$container->use(Config::class)->set('Csp', $options);

Autoloading

It is recommended to bind the ContentSecurityPolicy to the Container as a singleton.

$container->singleton(ContentSecurityPolicy::class);

Any dependencies will be injected automatically when loading from the Container.

$csp = $container->use(ContentSecurityPolicy::class);

Methods

Add Headers

Add CSP headers to a ClientResponse.

$newResponse = $csp->addHeaders($response);

Clear

Clear all policies.

$csp->clear();

Create Policy

Create a Policy.

  • $key is a string representing the policy key, and should be one of either ContentSecurityPolicy::DEFAULT or ContentSecurityPolicy::REPORT.
  • $directives is an array containing the directives to add, and will default to [].
$csp->createPolicy($key, $directives);

Get Policy

Get a Policy.

  • $key is a string representing the policy key, and should be one of either ContentSecurityPolicy::DEFAULT or ContentSecurityPolicy::REPORT.
$policy = $csp->getPolicy($key);

Get Policies

Get all policies.

$policies = $csp->getPolicies();

Get Report To

Get the Report-To values.

$reportTo = $csp->getReportTo();

Has Policy

Determine whether a policy exists.

  • $key is a string representing the policy key, and should be one of either ContentSecurityPolicy::DEFAULT or ContentSecurityPolicy::REPORT.
$hasPolicy = $csp->hasPolicy($key);

Set Policy

Set a policy.

  • $key is a string representing the policy key, and should be one of either ContentSecurityPolicy::DEFAULT or ContentSecurityPolicy::REPORT.
  • $policy is a Policy.
$csp->setPolicy($key, $policy);

Set Report To

Set the Report-To values.

  • $reportTo is an array containing the Report-To values.
$csp->setReportTo($reportTo);

Policies

Add Directive

Add options to a directive.

  • $directive is a string representing the directive.
  • $value is a string, or an array of strings containing the values to add. For directives that don't require values, you can set this to true or false indicating whether to include the directive.
$newPolicy = $policy->addDirective($directive, $value);

Get Directive

Get the options for a directive.

  • $directive is a string representing the directive.
$options = $policy->getDirective($directive);

Get Header

Get the header string.

$header = $policy->getHeader();

Has Directive

Determine whether a directive exists.

  • $directive is a string representing the directive.
$hasDirective = $policy->hasDirective($directive);

Remove Directive

Remove a directive.

  • $directive is a string representing the directive.
$newPolicy = $policy->removeDirective($directive);

Middleware

use Fyre\Security\Middleware\CspMiddleware;
  • $csp is a ContentSecurityPolicy.
$middleware = new CspMiddleware($csp);

Any dependencies will be injected automatically when loading from the Container.

$middleware = $container->build(CspMiddleware::class);

Handle

Handle a ServerRequest.

$response = $middleware->handle($request, $next);

This method will return a ClientResponse.

fyre/csp 适用场景与选型建议

fyre/csp 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 131 次下载、GitHub Stars 达 0, 最近一次更新时间为 2022 年 04 月 03 日, 在 PHP 生态内属于活跃度较高的组件。

我们在过去多个企业项目中使用过 fyre/csp 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 fyre/csp 我们能提供哪些服务?
定制开发 / 二次开发

基于 fyre/csp 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 131
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 2
  • 依赖项目数: 3
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 1
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2022-04-03