8000 bug #22090 [WebProfilerBundle] Fix Content-Security-Policy compatibil… · symfony/symfony@74a1cc3 · GitHub
[go: up one dir, main page]
Skip to content

Commit 74a1cc3

Browse files
fabpotfabpot
committed
bug #22090 [WebProfilerBundle] Fix Content-Security-Policy compatibility in case of a style-src 'self' policy (romainneutron)
This PR was merged into the 3.2 branch. Discussion ---------- [WebProfilerBundle] Fix Content-Security-Policy compatibility in case of a `style-src 'self'` policy | Q | A | ------------- | --- | Branch? | 3.2 <!-- see comment below --> | Bug fix? | yes | New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files --> | BC breaks? | no | Deprecations? | no <!-- don't forget updating UPGRADE-*.md files --> | Tests pass? | yes | Fixed tickets | #22053 #20963 | License | MIT This fixes the compatibility of the bundle in case of a `style-src 'self'` policy. This PR must be rebased once #22089 is merged Commits ------- 4acec89 [WebProfilerBundle] Fix content-security-policy compatibility
2 parents 48e90e3 + 4acec89 commit 74a1cc3

File tree

3 files changed

+5
-5
lines changed

3 files changed

+5
-5
lines changed

src/Symfony/Bundle/WebProfilerBundle/Resources/views/Profiler/toolbar.html.twig

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,9 +4,6 @@
44
{{ include('@WebProfiler/Icon/symfony.svg') }}
55
</a>
66
</div>
7-
<style{% if csp_style_nonce %} nonce="{{ csp_style_nonce }}"{% endif %}>
8-
{{ include('@WebProfiler/Profiler/toolbar.css.twig', { 'position': position, 'floatable': true }) }}
9-
</style>
107
<div id="sfToolbarClearer-{{ token }}" class="sf-toolbar-clearer"></div>
118

129
<div id="sfToolbarMainContent-{{ token }}" class="sf-toolbarreset clear-fix" data-no-turbolink>

src/Symfony/Bundle/WebProfilerBundle/Resources/views/Profiler/toolbar_js.html.twig

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,8 @@
11
<div id="sfwdt{{ token }}" class="sf-toolbar sf-display-none"></div>
22
{{ include('@WebProfiler/Profiler/base_js.html.twig') }}
3+
<style{% if csp_style_nonce %} nonce="{{ csp_style_nonce }}"{% endif %}>
4+
{{ include('@WebProfiler/Profiler/toolbar.css.twig', { 'position': position, 'floatable': true }) }}
5+
</style>
36
<script{% if csp_script_nonce %} nonce={{ csp_script_nonce }}{% endif %}>/*<![CDATA[*/
47
(function () {
58
{% if 'top' == position %}

src/Symfony/Bundle/WebProfilerBundle/Tests/Controller/ProfilerControllerTest.php

Lines changed: 2 additions & 2 deletions
< 7DE6 button class="Button Button--iconOnly Button--invisible" aria-label="More options" id=":Ri7tlab:" aria-haspopup="true" aria-expanded="false" tabindex="0">
Original file line numberDiff line numberDiff line change
@@ -157,9 +157,9 @@ private function createController($profiler, $twig, $withCSP)
157157
if ($withCSP) {
158158
$nonceGenerator = $this->getMockBuilder('Symfony\Bundle\WebProfilerBundle\Csp\NonceGenerator')->getMock();
159159

160-
return new ProfilerController($urlGenerator, $profiler, $twig, array(), 'normal', new ContentSecurityPolicyHandler($nonceGenerator));
160+
return new ProfilerController($urlGenerator, $profiler, $twig, array(), 'bottom', new ContentSecurityPolicyHandler($nonceGenerator));
161161
}
162162

163-
return new ProfilerController($urlGenerator, $profiler, $twig, array(), 'normal');
163+
return new ProfilerController($urlGenerator, $profiler, $twig, array());
164164
}
165165
}

0 commit comments

Comments
 (0)
0