Disable CSP header on exception pages only in debug
Same condition is used by default TwigBridge ExceptionController to evaluate if styled exception page is supposed to be shown.
This commit is contained in:
parent
1b92f0685d
commit
b77538c2fe
@ -129,6 +129,7 @@
|
||||
<tag name="monolog.logger" channel="request" />
|
||||
<argument>%twig.exception_listener.controller%</argument>
|
||||
<argument type="service" id="logger" on-invalid="null" />
|
||||
<argument>%kernel.debug%</argument>
|
||||
</service>
|
||||
|
||||
<service id="twig.controller.exception" class="%twig.controller.exception.class%">
|
||||
|
@ -32,11 +32,13 @@ class ExceptionListener implements EventSubscriberInterface
|
||||
{
|
||||
protected $controller;
|
||||
protected $logger;
|
||||
protected $debug;
|
||||
|
||||
public function __construct($controller, LoggerInterface $logger = null)
|
||||
public function __construct($controller, LoggerInterface $logger = null, $debug = false)
|
||||
{
|
||||
$this->controller = $controller;
|
||||
$this->logger = $logger;
|
||||
$this->debug = $debug;
|
||||
}
|
||||
|
||||
public function onKernelException(GetResponseForExceptionEvent $event)
|
||||
@ -71,7 +73,7 @@ class ExceptionListener implements EventSubscriberInterface
|
||||
|
||||
$event->setResponse($response);
|
||||
|
||||
if ($eventDispatcher instanceof EventDispatcherInterface) {
|
||||
if ($this->debug && $eventDispatcher instanceof EventDispatcherInterface) {
|
||||
$cspRemovalListener = function (FilterResponseEvent $event) use (&$cspRemovalListener, $eventDispatcher) {
|
||||
$event->getResponse()->headers->remove('Content-Security-Policy');
|
||||
$eventDispatcher->removeListener(KernelEvents::RESPONSE, $cspRemovalListener);
|
||||
|
@ -134,7 +134,7 @@ class ExceptionListenerTest extends TestCase
|
||||
return new Response($request->getRequestFormat());
|
||||
}));
|
||||
|
||||
$listener = new ExceptionListener('foo', $this->getMockBuilder('Psr\Log\LoggerInterface')->getMock());
|
||||
$listener = new ExceptionListener('foo', $this->getMockBuilder('Psr\Log\LoggerInterface')->getMock(), true);
|
||||
|
||||
$dispatcher->addSubscriber($listener);
|
||||
|
||||
|
Reference in New Issue
Block a user