diff options
| author | Frédéric Guillot <fred@kanboard.net> | 2014-05-22 12:28:28 -0400 |
|---|---|---|
| committer | Frédéric Guillot <fred@kanboard.net> | 2014-05-22 12:28:28 -0400 |
| commit | 2230dd4e6b148346c0ec596b9e3e12996a762ed8 (patch) | |
| tree | ef99ccde4f8b18592a3fb06a6ec45162c501fe38 /app/Core/Response.php | |
| parent | a750b8ab2a0cb715da6fd9025a7ec8375db68a4d (diff) | |
Code refactoring (add autoloader and change files organization)
Diffstat (limited to 'app/Core/Response.php')
| -rw-r--r-- | app/Core/Response.php | 138 |
1 files changed, 138 insertions, 0 deletions
diff --git a/app/Core/Response.php b/app/Core/Response.php new file mode 100644 index 00000000..a5f0e4dc --- /dev/null +++ b/app/Core/Response.php @@ -0,0 +1,138 @@ +<?php + +namespace Core; + +class Response +{ + public function forceDownload($filename) + { + header('Content-Disposition: attachment; filename="'.$filename.'"'); + } + + /** + * @param integer $status_code + */ + public function status($status_code) + { + header('Status: '.$status_code); + header($_SERVER['SERVER_PROTOCOL'].' '.$status_code); + } + + public function redirect($url) + { + header('Location: '.$url); + exit; + } + + public function json(array $data, $status_code = 200) + { + $this->status($status_code); + + header('Content-Type: application/json'); + echo json_encode($data); + + exit; + } + + public function text($data, $status_code = 200) + { + $this->status($status_code); + + header('Content-Type: text/plain; charset=utf-8'); + echo $data; + + exit; + } + + public function html($data, $status_code = 200) + { + $this->status($status_code); + + header('Content-Type: text/html; charset=utf-8'); + echo $data; + + exit; + } + + public function xml($data, $status_code = 200) + { + $this->status($status_code); + + header('Content-Type: text/xml; charset=utf-8'); + echo $data; + + exit; + } + + public function js($data, $status_code = 200) + { + $this->status($status_code); + + header('Content-Type: text/javascript; charset=utf-8'); + echo $data; + + exit; + } + + public function binary($data, $status_code = 200) + { + $this->status($status_code); + + header('Content-Transfer-Encoding: binary'); + header('Content-Type: application/octet-stream'); + echo $data; + + exit; + } + + public function csp(array $policies = array()) + { + $policies['default-src'] = "'self'"; + $values = ''; + + foreach ($policies as $policy => $hosts) { + + if (is_array($hosts)) { + + $acl = ''; + + foreach ($hosts as &$host) { + + if ($host === '*' || $host === 'self' || strpos($host, 'http') === 0) { + $acl .= $host.' '; + } + } + } + else { + + $acl = $hosts; + } + + $values .= $policy.' '.trim($acl).'; '; + } + + header('Content-Security-Policy: '.$values); + } + + public function nosniff() + { + header('X-Content-Type-Options: nosniff'); + } + + public function xss() + { + header('X-XSS-Protection: 1; mode=block'); + } + + public function hsts() + { + if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') { + header('Strict-Transport-Security: max-age=31536000'); + } + } + + public function xframe($mode = 'DENY', array $urls = array()) + { + header('X-Frame-Options: '.$mode.' '.implode(' ', $urls)); + } +} |