security::csp::add_static_resource_header (public)

 security::csp::add_static_resource_header -mime_type mime_type

Defined in packages/acs-tcl/tcl/security-procs.tcl

Set the CSP rule on the current connection for a static resource depending on the MIME type.

Switches:
-mime_type (required)
MIME type of the resource to be delivered

Partial Call Graph (max 5 caller/called nodes):
%3 ad_returnfile_background ad_returnfile_background (public) security::csp::add_static_resource_header security::csp::add_static_resource_header ad_returnfile_background->security::csp::add_static_resource_header cr_write_content-file cr_write_content-file (private) cr_write_content-file->security::csp::add_static_resource_header rp_serve_resource_file rp_serve_resource_file (private) rp_serve_resource_file->security::csp::add_static_resource_header

Testcases:
No testcase defined.
Source code:
        if {![ns_conn isconnected]} {
            error "Content-Security-Policy headers can be only set for active connections"
        }
        if {[dict exists $::security::csp::static_csp $mime_type]} {
            ns_set iupdate [ns_conn outputheaders]  "Content-Security-Policy" [dict get $::security::csp::static_csp $mime_type]
            ns_log notice "STATIC $mime_type: Content-Security-Policy [dict get $::security::csp::static_csp $mime_type]"
        } else {
            #ns_log notice "STATIC $mime_type: no Content-Security-Policy defined for this MIME type"
        }
Generic XQL file:
packages/acs-tcl/tcl/security-procs.xql

PostgreSQL XQL file:
packages/acs-tcl/tcl/security-procs-postgresql.xql

Oracle XQL file:
packages/acs-tcl/tcl/security-procs-oracle.xql

[ hide source ] | [ make this the default ]
Show another procedure: