src/EventSubscriber/HttpHeaderSubscriber.php line 11

Open in your IDE?
  1. <?php
  3. namespace App\EventSubscriber;
  5. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  6. use Symfony\Component\HttpKernel\Event\ResponseEvent;
  7. use Symfony\Component\HttpKernel\KernelEvents;
  9. class HttpHeaderSubscriber implements EventSubscriberInterface
  10. {
  11.     public function onKernelResponse(ResponseEvent $event): void
  12.     {
  13.         $response $event->getResponse();
  14.         $format   $event->getRequest()->getRequestFormat();
  16.         $headers $response->headers;
  17.         $headers->set('X-Content-Type-Options''nosniff');
  18.         $headers->set('X-Frame-Options''SAMEORIGIN');
  19.         $headers->set('X-XSS-Protection''1; mode=block');
  20. //        $headers->set('Content-Security-Policy', "script-src 'self' https://www.google.com");
  21.         if ('html' === $format) {
  22.             $headers->set('X-UA-Compatible''ie=edge');
  23.         }
  24.     }
  26.     public static function getSubscribedEvents(): array
  27.     {
  28.         return [
  29.             KernelEvents::RESPONSE => [['onKernelResponse'1]],
  30.         ];
  31.     }
  32. }