<?php
declare(strict_types=1);
namespace Campit\SecurityHeaders\Subscriber\Core;
use Campit\SecurityHeaders\Rule\IsValidResponseInterface;
use Campit\SecurityHeaders\Service\ConfigReader;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpKernel\Event\ResponseEvent;
use Symfony\Component\HttpKernel\KernelEvents;
/**
 * Response subscriber that attaches the configured browser security-policy
 * headers (Content-Security-Policy, Content-Security-Policy-Report-Only and
 * Permissions-Policy) to outgoing responses.
 *
 * Header values are looked up per sales channel through the ConfigReader and
 * written to the response verbatim; this class does not parse or validate the
 * policy strings.
 */
class AddSecurityHeaders implements EventSubscriberInterface
{
    private ConfigReader $configReader;

    private IsValidResponseInterface $isValidResponse;

    /**
     * @param ConfigReader             $configReader    Supplies the header values for a sales channel id.
     * @param IsValidResponseInterface $isValidResponse Invokable rule deciding whether a response gets headers.
     */
    public function __construct(
        ConfigReader $configReader,
        IsValidResponseInterface $isValidResponse
    ) {
        $this->configReader = $configReader;
        $this->isValidResponse = $isValidResponse;
    }

    /**
     * Registers the handler on the kernel response event.
     *
     * No explicit priority is given, so the ordering relative to other
     * response listeners that may set the same headers is not pinned here.
     *
     * @return array<string, string>
     */
    public static function getSubscribedEvents(): array
    {
        $subscriptions = [
            KernelEvents::RESPONSE => 'setSecurityHeaders',
        ];

        return $subscriptions;
    }

    /**
     * Sets each configured policy header on the response of the given event.
     *
     * A header is only written when its configured value is truthy, so an
     * empty string (or the string "0") is treated as "not configured" and the
     * header is left untouched. A written header is set through the header
     * bag's set(), which with Symfony's default replaces any value already
     * present under that name.
     */
    public function setSecurityHeaders(ResponseEvent $event): void
    {
        $accepted = ($this->isValidResponse)($event);
        if (!$accepted) {
            return;
        }

        $response = $event->getResponse();
        // NOTE(review): getContext() is not part of Symfony's base Response;
        // presumably the validity rule above only accepts a response type that
        // provides it with a non-null context - confirm against the rule.
        $salesChannelId = $response->getContext()->getSalesChannelId();
        $headerBag = $response->headers;

        // Enforced policy.
        $enforcedCsp = $this->configReader->contentSecurityPolicyHeader($salesChannelId);
        if ($enforcedCsp) {
            $headerBag->set('Content-Security-Policy', $enforcedCsp);
        }

        // Report-only policy; written independently of the enforced one, so
        // both headers are sent when both are configured.
        $reportOnlyCsp = $this->configReader->contentSecurityPolicyReportOnlyHeader($salesChannelId);
        if ($reportOnlyCsp) {
            $headerBag->set('Content-Security-Policy-Report-Only', $reportOnlyCsp);
        }

        $permissionsPolicy = $this->configReader->permissionPolicyHeader($salesChannelId);
        if ($permissionsPolicy) {
            $headerBag->set('Permissions-Policy', $permissionsPolicy);
        }
    }
}