PolicyMutatedEvent¶
New in version 12.3.
The PSR-14 event
\TYPO3\CMS\Core\Security\ContentSecurityPolicy\Event\PolicyMutatedEvent
will be dispatched once all mutations have been applied to the current
Content Security Policy object, just before the
corresponding HTTP header is added to the HTTP response object. This allows
individual adjustments for custom implementations.
Example¶
<?php
declare(strict_types=1);
namespace MyVendor\MyExtension\ContentSecurityPolicy\EventListener;
use TYPO3\CMS\Core\Attribute\AsEventListener;
use TYPO3\CMS\Core\Security\ContentSecurityPolicy\Directive;
use TYPO3\CMS\Core\Security\ContentSecurityPolicy\Event\PolicyMutatedEvent;
use TYPO3\CMS\Core\Security\ContentSecurityPolicy\Scope;
use TYPO3\CMS\Core\Security\ContentSecurityPolicy\UriValue;
#[AsEventListener(
identifier: 'my-extension/mutate-policy'
)]
final class MyEventListener
{
public function __invoke(PolicyMutatedEvent $event): void
{
if ($event->scope !== Scope::backend()) {
// Only the backend policy should be adjusted
return;
}
// Allow images from example.org
$event->getCurrentPolicy()->extend(
Directive::ImgSrc,
new UriValue('https://example.org/')
);
}
}
New in version 13.0: The PHP attribute \TYPO3\CMS\Core\Attribute\AsEventListener
has been
introduced to tag a PHP class as an event listener. Alternatively, or if you
need to be compatible with older TYPO3 versions, you can also register an
event listener via the Configuration/Services.yaml
file. Switch to
an older version of this page for an example or have a look at the section
Implementing an event listener in your extension.
API¶
- class TYPO3\CMS\Core\Security\ContentSecurityPolicy\Event\PolicyMutatedEvent¶
- property scope¶
- property defaultPolicy¶
- isPropagationStopped()¶
- Return type
bool
- stopPropagation()¶
- getCurrentPolicy()¶
- Return type
TYPO3\CMS\Core\Security\ContentSecurityPolicy\Policy
- setCurrentPolicy(TYPO3\\CMS\\Core\\Security\\ContentSecurityPolicy\\Policy $currentPolicy)¶
- Parameters
$currentPolicy (
TYPO3\CMS\Core\Security\ContentSecurityPolicy\Policy
) -- the currentPolicy
- getMutationCollections()¶
- Return type
array
- Returns
list<MutationCollection>
- setMutationCollections(TYPO3\\CMS\\Core\\Security\\ContentSecurityPolicy\\MutationCollection $mutationCollections)¶
- Parameters
$mutationCollections (
TYPO3\CMS\Core\Security\ContentSecurityPolicy\MutationCollection
) -- the mutationCollections