3v4l.org

run code in 150+ php & hhvm versions
Bugs & Features
<?php namespace owasp\csp; class ContentSecurityPolicy { const DEFAULT_SRC = 'default-src'; const SCRIPT_SRC = 'script-src'; const OBJECT_SRC = 'object-src'; const STYLE_SRC = 'style-src'; const IMG_SRC = 'img-src'; const MEDIA_SRC = 'media-src'; const FRAME_SRC = 'frame-src'; const FONT_SRC = 'font-src'; const CONNECT_SRC = 'connect-src'; const SOURCE_NONE = "'none'"; const SOURCE_SELF = "'self'"; const SOURCE_UNSAFE_INLINE = "'unsafe-inline'"; const SOURCE_UNSAFE_EVAL = "'unsafe-eval'"; private $policy; public function __construct() { $this->policy = array(); $this->setPolicySourceDirectives(); } private function setPolicySourceDirectives(){ $refl = new \ReflectionClass(__CLASS__); $srcPattern = '/.+_SRC$/'; foreach ($refl->getConstants() as $constant => $value){ if (preg_match($srcPattern, $constant)){ $this->policy[constant(__CLASS__.'::'.$constant)] = array(); } } } private function copy() { $retval = new ContentSecurityPolicy(); foreach ($this->policy as $directive => $sources) { foreach ($sources as $source) { array_push($retval->policy[$directive], $source); } } return $retval; } function addSource($directive, $source) { if (!isset($this->policy[$directive])) { throw new CSPException("Invalid directive"); } $this->policy[$directive][] = $source; return $this; } function toString() { return $this->__toString(); } public function __toString(){ $retval = array(); foreach ($this->policy as $directive => $sources) { if (sizeof($sources) > 0) { $retval[] = join(' ', array($directive, join(' ', $sources))); } } return 'Content-Security-Policy: ' . join('; ', $retval); } } class CSPException extends \Exception {} use owasp\csp\ContentSecurityPolicy as CSP; $csp = new CSP(); $csp->addSource(CSP::DEFAULT_SRC, CSP::SOURCE_SELF) ->addSource(CSP::SCRIPT_SRC, CSP::SOURCE_SELF) ->addSource(CSP::SCRIPT_SRC, 'http://code.jquery.com') ->addSource(CSP::STYLE_SRC, ContentSecurityPolicy::SOURCE_SELF) ->addSource(CSP::STYLE_SRC, 'http://tracker.cztorrent.net/') ->addSource(CSP::FONT_SRC, 'https://fonts.googleapis.com'); echo $csp->toString(); exit("\nDone!\n");
based on 390sg
Output for 5.3.0 - 7.1.0
Content-Security-Policy: default-src 'self'; script-src 'self' http://code.jquery.com; style-src 'self' http://tracker.cztorrent.net/; font-src https://fonts.googleapis.com Done!
Output for 4.4.2 - 4.4.9, 5.1.0 - 5.2.17
Parse error: syntax error, unexpected T_STRING in /in/UIbvT on line 2
Process exited with code 255.
Output for 4.3.0 - 4.3.1, 4.3.5 - 4.4.1, 5.0.0 - 5.0.5
Parse error: parse error, unexpected T_STRING in /in/UIbvT on line 2
Process exited with code 255.
Output for 4.3.2 - 4.3.4
Parse error: parse error in /in/UIbvT on line 2
Process exited with code 255.