nelmio / NelmioSecurityBundle

Adds extra security-related features in your Symfony application
https://symfony.com/bundles/NelmioSecurityBundle/
MIT License

Avoid CSP header overwrite #306

Closed Seldaek closed 2 years ago

Seldaek commented 2 years ago

We have a case where we already configure a CSP header on the response, and then the bundle is overwriting it, which is not great IMO.

Seldaek commented 2 years ago

@franmomu happy to get a review here. The phpstan failures seem unrelated to the PR though, I guess they're new errors from a new PHPStan release.

codecov-commenter commented 2 years ago

Codecov Report

Merging #306 (dd0888d) into master (34699d4) will increase coverage by 0.00%. The diff coverage is 100.00%.

@@            Coverage Diff            @@
##             master     #306   +/-   ##
=========================================
  Coverage     95.69%   95.69%           
- Complexity      424      426    +2     
=========================================
  Files            55       55           
  Lines          1393     1395    +2     
=========================================
+ Hits           1333     1335    +2     
  Misses           60       60           
Impacted Files | Coverage Δ
...rc/EventListener/ContentSecurityPolicyListener.php | 88.23% <100.00%> (+0.28%)


franmomu commented 2 years ago

Thanks @Seldaek!