diff --git a/README.md b/README.md index 9bbf765..482e9d3 100644 --- a/README.md +++ b/README.md @@ -28,18 +28,21 @@ $di->set( 'csp', function() { return $csp; }, true ); -// add CSP to dispatcher's event listener -$di->set( 'dispatcher', function() use ( $di ) { +// register application and add CSP to event manager +try { $csp = $di->getShared( 'csp' ); $eventsManager = new \Phalcon\Events\Manager(); - $eventsManager->attach( 'dispatch:afterDispatchLoop', $csp ); + $eventsManager->attach( 'application:beforeSendResponse', $csp ); - $dispatcher = new \Phalcon\Mvc\Dispatcher(); - $dispatcher->setEventsManager( $eventsManager ); + $application = new Application($di); + $application->setEventsManager( $eventsManager ); - return $dispatcher; -}, true ); + $response = $application->handle(); + $response->send(); +} catch (\Exception $e) { + echo $e->getMessage(); +} ``` Now all your policies will be compiled into `Content-Security-Policy` header and added to the response instance. To add a new policy you need to call `addPolicy()` function which accepts policy name and a value: diff --git a/composer.json b/composer.json index f22f8a6..9938e62 100644 --- a/composer.json +++ b/composer.json @@ -1,7 +1,7 @@ { "name": "eugene-manuilov/phalcon-csp", "description": "Content Security Policy plugin for PhalconPHP framework.", - "version": "1.0.0", + "version": "1.0.1", "type": "library", "keywords": [ "php", diff --git a/src/ContentSecurityPolicy.php b/src/ContentSecurityPolicy.php index 6c10521..d638e41 100644 --- a/src/ContentSecurityPolicy.php +++ b/src/ContentSecurityPolicy.php @@ -3,7 +3,8 @@ namespace Phalcon\Plugin\CSP; use Phalcon\Events\Event; -use Phalcon\Mvc\Dispatcher; +use Phalcon\Mvc\Application; +use Phalcon\Http\Response; /** * Content Security Policy plugin. @@ -143,9 +144,10 @@ public function compilePolicies() { * * @access public * @param \Phalcon\Events\Event $event The event object. - * @param \Phalcon\Mvc\Dispatcher $dispatcher The dispatcher intsance. + * @param \Phalcon\Mvc\Application $application The application intsance. + * @param \Phalcon\Http\Response $response The response instance. */ - public function afterDispatchLoop( Event $event, Dispatcher $dispatcher ) { + public function beforeSendResponse( Event $event, Application $application, Response $response ) { if ( $this->assets instanceof \Phalcon\Plugin\CSP\Assets\Manager ) { $types = array( 'css' => self::DIRECTIVE_STYLE_SRC, diff --git a/tests/ContentSecurityPolicyTest.php b/tests/ContentSecurityPolicyTest.php index 8e5cc4a..410e3f3 100644 --- a/tests/ContentSecurityPolicyTest.php +++ b/tests/ContentSecurityPolicyTest.php @@ -11,27 +11,28 @@ class ContentSecurityPolicyTest extends \PHPUnit\Framework\TestCase { /** - * Tests whether afterDispatchLoop method is called when dispatcher exits - * from dispatch loop. + * Tests whether beforeSendResponse method is called when applications is + * going to send response. * * @since 1.0.0 * * @access public */ - public function testAfterDispatchLoop() { + public function testBeforeSendResponse() { $di = new \Phalcon\Di\FactoryDefault(); $csp = $this->createMock( ContentSecurityPolicy::class ); - $csp->expects( $this->once() )->method( 'afterDispatchLoop' ); + $csp->expects( $this->once() )->method( 'beforeSendResponse' ); $csp->setDI( $di ); $eventsManager = new \Phalcon\Events\Manager(); - $eventsManager->attach( 'dispatch:afterDispatchLoop', $csp ); + $eventsManager->attach( 'application:beforeSendResponse', $csp ); - $dispatcher = new \Phalcon\Mvc\Dispatcher(); - $dispatcher->setDI( $di ); - $dispatcher->setEventsManager( $eventsManager ); - $dispatcher->dispatch(); + $application = new \Phalcon\Mvc\Application(); + $application->setDI( $di ); + $application->setEventsManager( $eventsManager ); + $application->useImplicitView( false ); + $application->handle(); } /**