2013-02-18 03:48:21 +01:00
|
|
|
<?php
|
|
|
|
|
2015-08-29 03:34:34 +02:00
|
|
|
namespace Response;
|
2013-02-18 03:48:21 +01:00
|
|
|
|
|
|
|
|
|
|
|
function force_download($filename)
|
|
|
|
{
|
|
|
|
header('Content-Disposition: attachment; filename="'.$filename.'"');
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2014-02-08 20:13:14 +01:00
|
|
|
function content_type($mimetype)
|
|
|
|
{
|
|
|
|
header('Content-Type: '.$mimetype);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2013-02-18 03:48:21 +01:00
|
|
|
function status($status_code)
|
|
|
|
{
|
2014-03-17 02:56:43 +01:00
|
|
|
$sapi_name = php_sapi_name();
|
|
|
|
|
|
|
|
if (strpos($sapi_name, 'apache') !== false || $sapi_name === 'cli-server') {
|
2013-02-18 03:48:21 +01:00
|
|
|
header('HTTP/1.0 '.$status_code);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
header('Status: '.$status_code);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2014-12-24 03:28:26 +01:00
|
|
|
function redirect($url, $status_code = 302)
|
2013-02-18 03:48:21 +01:00
|
|
|
{
|
2014-12-24 03:28:26 +01:00
|
|
|
header('Location: '.$url, true, $status_code);
|
2013-02-18 03:48:21 +01:00
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function json(array $data, $status_code = 200)
|
|
|
|
{
|
|
|
|
status($status_code);
|
|
|
|
|
|
|
|
header('Content-Type: application/json');
|
|
|
|
echo json_encode($data);
|
|
|
|
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function text($data, $status_code = 200)
|
|
|
|
{
|
|
|
|
status($status_code);
|
|
|
|
|
|
|
|
header('Content-Type: text/plain; charset=utf-8');
|
|
|
|
echo $data;
|
|
|
|
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function html($data, $status_code = 200)
|
|
|
|
{
|
|
|
|
status($status_code);
|
|
|
|
|
|
|
|
header('Content-Type: text/html; charset=utf-8');
|
|
|
|
echo $data;
|
|
|
|
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function xml($data, $status_code = 200)
|
|
|
|
{
|
|
|
|
status($status_code);
|
|
|
|
|
|
|
|
header('Content-Type: text/xml; charset=utf-8');
|
|
|
|
echo $data;
|
|
|
|
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2013-06-15 05:12:08 +02:00
|
|
|
function js($data, $status_code = 200)
|
|
|
|
{
|
|
|
|
status($status_code);
|
|
|
|
|
|
|
|
header('Content-Type: text/javascript; charset=utf-8');
|
|
|
|
echo $data;
|
|
|
|
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2014-12-29 22:52:36 +01:00
|
|
|
function raw($data, $status_code = 200)
|
|
|
|
{
|
|
|
|
status($status_code);
|
|
|
|
echo $data;
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2013-03-24 15:30:55 +01:00
|
|
|
function binary($data, $status_code = 200)
|
|
|
|
{
|
|
|
|
status($status_code);
|
|
|
|
|
|
|
|
header('Content-Transfer-Encoding: binary');
|
|
|
|
header('Content-Type: application/octet-stream');
|
|
|
|
echo $data;
|
|
|
|
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2013-02-18 03:48:21 +01:00
|
|
|
function csp(array $policies = array())
|
|
|
|
{
|
|
|
|
$policies['default-src'] = "'self'";
|
2013-08-06 01:21:37 +02:00
|
|
|
$values = '';
|
2013-02-18 03:48:21 +01:00
|
|
|
|
2013-08-06 01:21:37 +02:00
|
|
|
foreach ($policies as $policy => $hosts) {
|
2013-02-18 03:48:21 +01:00
|
|
|
|
2013-08-06 01:21:37 +02:00
|
|
|
if (is_array($hosts)) {
|
2013-02-18 03:48:21 +01:00
|
|
|
|
2013-08-06 01:21:37 +02:00
|
|
|
$acl = '';
|
2013-02-18 03:48:21 +01:00
|
|
|
|
2013-08-06 01:21:37 +02:00
|
|
|
foreach ($hosts as &$host) {
|
|
|
|
|
2015-02-01 20:48:05 +01:00
|
|
|
if ($host === '*' || $host === "'self'" || strpos($host, 'http') === 0) {
|
2013-08-06 01:21:37 +02:00
|
|
|
$acl .= $host.' ';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
|
|
|
|
$acl = $hosts;
|
2013-02-18 03:48:21 +01:00
|
|
|
}
|
|
|
|
|
2013-08-06 01:21:37 +02:00
|
|
|
$values .= $policy.' '.trim($acl).'; ';
|
2013-02-18 03:48:21 +01:00
|
|
|
}
|
2013-08-06 01:21:37 +02:00
|
|
|
|
|
|
|
header('Content-Security-Policy: '.$values);
|
2013-02-18 03:48:21 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function nosniff()
|
|
|
|
{
|
|
|
|
header('X-Content-Type-Options: nosniff');
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function xss()
|
|
|
|
{
|
|
|
|
header('X-XSS-Protection: 1; mode=block');
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function hsts()
|
|
|
|
{
|
|
|
|
header('Strict-Transport-Security: max-age=31536000');
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function xframe($mode = 'DENY', array $urls = array())
|
|
|
|
{
|
|
|
|
header('X-Frame-Options: '.$mode.' '.implode(' ', $urls));
|
|
|
|
}
|