Skip to content

Commit

Permalink
Helpers::getNonce() -> getNonceAttr()
Browse files Browse the repository at this point in the history
  • Loading branch information
dg committed Aug 7, 2024
1 parent a1c872f commit 8f021a2
Show file tree
Hide file tree
Showing 7 changed files with 10 additions and 13 deletions.
4 changes: 2 additions & 2 deletions src/Tracy/Bar/Bar.php
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ public function renderLoader(DeferredContent $defer): void

$this->loaderRendered = true;
$requestId = $defer->getRequestId();
$nonce = Helpers::getNonce();
$nonceAttr = Helpers::getNonceAttr();
$async = true;
require __DIR__ . '/assets/loader.phtml';
}
Expand Down Expand Up @@ -101,7 +101,7 @@ public function render(DeferredContent $defer): void
$defer->addSetup('Tracy.Debug.init', $content);

} else {
$nonce = Helpers::getNonce();
$nonceAttr = Helpers::getNonceAttr();
$async = false;
Debugger::removeOutputBuffers(false);
require __DIR__ . '/assets/loader.phtml';
Expand Down
3 changes: 1 addition & 2 deletions src/Tracy/Bar/assets/loader.phtml
Original file line number Diff line number Diff line change
Expand Up @@ -5,14 +5,13 @@ declare(strict_types=1);
namespace Tracy;

/**
* @var ?string $nonce
* @var string $nonceAttr
* @var bool $async
* @var string $requestId
*/

$baseUrl = $_SERVER['REQUEST_URI'] ?? '';
$baseUrl .= strpos($baseUrl, '?') === false ? '?' : '&';
$nonceAttr = $nonce ? ' nonce="' . Helpers::escapeHtml($nonce) . '"' : '';
$asyncAttr = $async ? ' async' : '';
?>
<?php if (empty($content)): ?>
Expand Down
2 changes: 1 addition & 1 deletion src/Tracy/BlueScreen/BlueScreen.php
Original file line number Diff line number Diff line change
Expand Up @@ -179,7 +179,7 @@ private function renderTemplate(\Throwable $exception, string $template, bool $t
], Debugger::$customCssFiles));
$css = Helpers::minifyCss(implode('', $css));

$nonce = $toScreen ? Helpers::getNonce() : null;
$nonceAttr = $toScreen ? Helpers::getNonceAttr() : null;
$actions = $toScreen ? $this->renderActions($exception) : [];

require $template;
Expand Down
3 changes: 1 addition & 2 deletions src/Tracy/BlueScreen/assets/page.phtml
Original file line number Diff line number Diff line change
Expand Up @@ -7,13 +7,12 @@ namespace Tracy;
/**
* @var \Throwable $exception
* @var string $title
* @var ?string $nonce
* @var string $nonceAttr
* @var string $css
* @var string $source
*/

$code = $exception->getCode() ? ' #' . $exception->getCode() : '';
$nonceAttr = $nonce ? ' nonce="' . Helpers::escapeHtml($nonce) . '"' : '';
$chain = Helpers::getExceptionChain($exception);
?><!DOCTYPE html><!-- "' --></textarea></script></style></pre></xmp></a></iframe></noembed></noframes></noscript></option></select></template></title></table></p></code>
<html>
Expand Down
2 changes: 1 addition & 1 deletion src/Tracy/Debugger/assets/error.500.phtml
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,6 @@ namespace Tracy;
</div>
</div>

<script>
<script<?= Helpers::getNonceAttr() ?>>
document.body.insertBefore(document.getElementById('tracy-error'), document.body.firstChild);
</script>
3 changes: 1 addition & 2 deletions src/Tracy/Dumper/Dumper.php
Original file line number Diff line number Diff line change
Expand Up @@ -155,8 +155,7 @@ public static function renderAssets(): void

$sent = true;

$nonce = Helpers::getNonce();
$nonceAttr = $nonce ? ' nonce="' . Helpers::escapeHtml($nonce) . '"' : '';
$nonceAttr = Helpers::getNonceAttr();
$s = file_get_contents(__DIR__ . '/../assets/toggle.css')
. file_get_contents(__DIR__ . '/assets/dumper-light.css')
. file_get_contents(__DIR__ . '/assets/dumper-dark.css');
Expand Down
6 changes: 3 additions & 3 deletions src/Tracy/Helpers.php
Original file line number Diff line number Diff line change
Expand Up @@ -329,11 +329,11 @@ public static function isCli(): bool


/** @internal */
public static function getNonce(): ?string
public static function getNonceAttr(): string
{
return preg_match('#^Content-Security-Policy(?:-Report-Only)?:.*\sscript-src\s+(?:[^;]+\s)?\'nonce-([\w+/]+=*)\'#mi', implode("\n", headers_list()), $m)
? $m[1]
: null;
? ' nonce="' . self::escapeHtml($m[1]) . '"'
: '';
}


Expand Down

0 comments on commit 8f021a2

Please sign in to comment.