Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 74a1cc3

Browse filesBrowse files
fabpotfabpot
committed
bug #22090 [WebProfilerBundle] Fix Content-Security-Policy compatibility in case of a style-src 'self' policy (romainneutron)
This PR was merged into the 3.2 branch. Discussion ---------- [WebProfilerBundle] Fix Content-Security-Policy compatibility in case of a `style-src 'self'` policy | Q | A | ------------- | --- | Branch? | 3.2 <!-- see comment below --> | Bug fix? | yes | New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files --> | BC breaks? | no | Deprecations? | no <!-- don't forget updating UPGRADE-*.md files --> | Tests pass? | yes | Fixed tickets | #22053 #20963 | License | MIT This fixes the compatibility of the bundle in case of a `style-src 'self'` policy. This PR must be rebased once #22089 is merged Commits ------- 4acec89 [WebProfilerBundle] Fix content-security-policy compatibility
2 parents 48e90e3 + 4acec89 commit 74a1cc3
Copy full SHA for 74a1cc3

File tree

Expand file treeCollapse file tree

3 files changed

+5
-5
lines changed
Filter options
Expand file treeCollapse file tree

3 files changed

+5
-5
lines changed

‎src/Symfony/Bundle/WebProfilerBundle/Resources/views/Profiler/toolbar.html.twig

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/WebProfilerBundle/Resources/views/Profiler/toolbar.html.twig
-3Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,9 +4,6 @@
44
{{ include('@WebProfiler/Icon/symfony.svg') }}
55
</a>
66
</div>
7-
<style{% if csp_style_nonce %} nonce="{{ csp_style_nonce }}"{% endif %}>
8-
{{ include('@WebProfiler/Profiler/toolbar.css.twig', { 'position': position, 'floatable': true }) }}
9-
</style>
107
<div id="sfToolbarClearer-{{ token }}" class="sf-toolbar-clearer"></div>
118

129
<div id="sfToolbarMainContent-{{ token }}" class="sf-toolbarreset clear-fix" data-no-turbolink>

‎src/Symfony/Bundle/WebProfilerBundle/Resources/views/Profiler/toolbar_js.html.twig

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/WebProfilerBundle/Resources/views/Profiler/toolbar_js.html.twig
+3Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,8 @@
11
<div id="sfwdt{{ token }}" class="sf-toolbar sf-display-none"></div>
22
{{ include('@WebProfiler/Profiler/base_js.html.twig') }}
3+
<style{% if csp_style_nonce %} nonce="{{ csp_style_nonce }}"{% endif %}>
4+
{{ include('@WebProfiler/Profiler/toolbar.css.twig', { 'position': position, 'floatable': true }) }}
5+
</style>
36
<script{% if csp_script_nonce %} nonce={{ csp_script_nonce }}{% endif %}>/*<![CDATA[*/
47
(function () {
58
{% if 'top' == position %}

‎src/Symfony/Bundle/WebProfilerBundle/Tests/Controller/ProfilerControllerTest.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/WebProfilerBundle/Tests/Controller/ProfilerControllerTest.php
+2-2Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -157,9 +157,9 @@ private function createController($profiler, $twig, $withCSP)
157157
if ($withCSP) {
158158
$nonceGenerator = $this->getMockBuilder('Symfony\Bundle\WebProfilerBundle\Csp\NonceGenerator')->getMock();
159159

160-
return new ProfilerController($urlGenerator, $profiler, $twig, array(), 'normal', new ContentSecurityPolicyHandler($nonceGenerator));
160+
return new ProfilerController($urlGenerator, $profiler, $twig, array(), 'bottom', new ContentSecurityPolicyHandler($nonceGenerator));
161161
}
162162

163-
return new ProfilerController($urlGenerator, $profiler, $twig, array(), 'normal');
163+
return new ProfilerController($urlGenerator, $profiler, $twig, array());
164164
}
165165
}

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.