dépôts / lhc / web / wiklou.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e552f30)
CSP: Minor cleanup in ContentSecurityPolicy.php
authorDerick Alangi <alangiderick@gmail.com>
Wed, 20 Mar 2019 21:51:56 +0000 (22:51 +0100)
committerDerick Alangi <alangiderick@gmail.com>
Wed, 20 Mar 2019 22:16:01 +0000 (23:16 +0100)
Cleanups include;
- Remove elseif() path for cases where if has a return state
  and instead convert the elseif() into an if.
- Fix PHPDoc for non-existent parameter. Corrected parameter
  name.
- Add @throws phpdoc annotation for a method that could throw
  an exception.
- Remove unnecessary parentheses.
- Make sure line doesn't exceed 100 characters.

Change-Id: Ic2d882ae0c6f3859b5a268b1bfb50c8eafa294d9

includes/ContentSecurityPolicy.php patch | blob | history

diff --git a/includes/ContentSecurityPolicy.php b/includes/ContentSecurityPolicy.php
index 6216046..be598ea 100644 (file)
--- a/includes/ContentSecurityPolicy.php
+++ b/includes/ContentSecurityPolicy.php
@@ -98,11 +98,14 @@ class ContentSecurityPolicy {
         *
         * @param int $reportOnly Either self::REPORT_ONLY_MODE or self::FULL_MODE
         * @return string Name of http header
+        * @throws UnexpectedValueException
         */
        private function getHeaderName( $reportOnly ) {
                if ( $reportOnly === self::REPORT_ONLY_MODE ) {
                        return 'Content-Security-Policy-Report-Only';
-               } elseif ( $reportOnly === self::FULL_MODE ) {
+               }
+
+               if ( $reportOnly === self::FULL_MODE ) {
                        return 'Content-Security-Policy';
                }
                throw new UnexpectedValueException( $reportOnly );
@@ -111,7 +114,8 @@ class ContentSecurityPolicy {
        /**
         * Determine what CSP policies to set for this page
         *
-        * @param array|bool $config Policy configuration (Either $wgCSPHeader or $wgCSPReportOnlyHeader)
+        * @param array|bool $policyConfig Policy configuration
+        *   (Either $wgCSPHeader or $wgCSPReportOnlyHeader)
         * @param int $mode self::REPORT_ONLY_MODE, self::FULL_MODE
         * @return string Policy directives, or empty string for no policy.
         */
@@ -152,8 +156,8 @@ class ContentSecurityPolicy {
                        }
                }
                // Note: default on if unspecified.
-               if ( !isset( $policyConfig['unsafeFallback'] )
-                       || $policyConfig['unsafeFallback'] )
+               if ( !isset( $policyConfig['unsafeFallback'] )
+                       || $policyConfig['unsafeFallback']
                ) {
                        // unsafe-inline should be ignored on browsers
                        // that support 'nonce-foo' sources.
Wiklou, le Wiki du Wiklou