Instead of sending headers on his own, the module append them to the headers response collection on "afterPrepare"

bicf · bicf · commit 8503a2ab20e9 · 2018-09-24T07:28:15.000+02:00
diff --git a/src/components/Response.php b/src/components/Response.php
@@ -5,13 +5,13 @@
 
 /**
  * Class Response
+ *
  * ```php
  * [
  *     'components' => [
  *         'response' => [
  *             'class' => 'bicf\securityheaders\Response',
- *             'on afterPrepare' => ['bicf\securityheaders\Response','modulesInit'],
- *             'on afterSend' => ['bicf\securityheaders\Response','modulesSendHeaders'],
+ *             'on afterPrepare' => ['bicf\securityheaders\Response','addSecurityHeaders'],
  *             'modules' => [
  *                'XContentTypeOptions'=>[
  *                    'class' => 'bicf\securityheaders\modules\HeaderXContentTypeOptions',
@@ -93,11 +93,11 @@ public function init()
     /**
      *
      */
-    public static function modulesSendHeaders($event)
+    public static function addSecurityHeaders($event)
     {
         /** @var $event->sender \bicf\securityheaders\components\Response */
         foreach ($event->sender->modules as $module){
-            $module->send();
+            $module->run();
         }
     }
 }
diff --git a/src/modules/HeaderAccessControlAllowMethods.php b/src/modules/HeaderAccessControlAllowMethods.php
@@ -18,11 +18,12 @@ public function init()
         }
     }
 
-    public function send()
+    public function run()
     {
         if(!$this->enabled){
             return;
         }
-        \Yii::$app->response->headers->set('Access-Control-Allow-Methods',$this->value);
+//        new Header
+        \Yii::$app->response->headers->add('Access-Control-Allow-Methods',$this->value);
     }
 }
diff --git a/src/modules/HeaderAccessControlAllowOrigin.php b/src/modules/HeaderAccessControlAllowOrigin.php
@@ -10,14 +10,14 @@ class HeaderAccessControlAllowOrigin extends HeaderModuleBase
 {
     public $value;
 
-    public function send()
+    public function run()
     {
         if(!$this->enabled){
             return;
         }
         if($this->value === null){
             return;
         }
-        \Yii::$app->response->headers->set('Access-Control-Allow-Origin',$this->value);
+        \Yii::$app->response->headers->add('Access-Control-Allow-Origin',$this->value);
     }
 }
diff --git a/src/modules/HeaderContentSecurityPolicyBase.php b/src/modules/HeaderContentSecurityPolicyBase.php
@@ -36,7 +36,7 @@ abstract class HeaderContentSecurityPolicyBase extends HeaderModuleBase
     /**
      * add the security header
      */
-    public function send(){
+    public function run(){
         if(!$this->enabled){
             return;
         }
@@ -50,7 +50,7 @@ public function send(){
             $value .="$sep$k $v";
             $sep ="; ";
         }
-        \Yii::$app->response->headers->set($this->headerName,$value);
+        \Yii::$app->response->headers->add($this->headerName,$value);
     }
 
     public function injectBehavior(Response $response)
diff --git a/src/modules/HeaderModuleInterface.php b/src/modules/HeaderModuleInterface.php
@@ -15,5 +15,5 @@ interface HeaderModuleInterface
 {
     public function init();
     public function injectBehavior(Response $response);
-    public function send();
+    public function run();
 }
diff --git a/src/modules/HeaderXContentTypeOptions.php b/src/modules/HeaderXContentTypeOptions.php
@@ -20,11 +20,11 @@ public function init()
     }
 
 
-    public function send()
+    public function run()
     {
         if(!$this->enabled){
             return;
         }
-        \Yii::$app->response->headers->set('X-Content-Type-Options',$this->value);
+        \Yii::$app->response->headers->add('X-Content-Type-Options',$this->value);
     }
 }
diff --git a/tests/tp.php b/tests/tp.php
@@ -0,0 +1,14 @@
+<?php
+
+for($three=1;$three<2000;$three++){
+for($two=1;$two<2000;$two++){
+    $gtwo = gmp_pow("2",$two);
+    $gthree = gmp_pow("3",$three);
+    $gnup = gmp_add(gmp_mul($gtwo,$gthree),1 );
+    $gndown = gmp_sub(gmp_mul($gtwo,$gthree),"1" );
+    if(gmp_prob_prime($gnup) && gmp_prob_prime($gndown)){
+        printf("%s ## %s \n",gmp_strval($gndown),gmp_strval($gnup));
+
+    }
+ }
+}

Original file line number	Diff line number	Diff line change
`@@ -5,13 +5,13 @@`
`5`	`5`
`6`	`6`	`/**`
`7`	`7`	`* Class Response`
	`8`	`+ *`
`8`	`9`	* ```php
`9`	`10`	`* [`
`10`	`11`	`* 'components' => [`
`11`	`12`	`* 'response' => [`
`12`	`13`	`* 'class' => 'bicf\securityheaders\Response',`
`13`		`- * 'on afterPrepare' => ['bicf\securityheaders\Response','modulesInit'],`
`14`		`- * 'on afterSend' => ['bicf\securityheaders\Response','modulesSendHeaders'],`
	`14`	`+ * 'on afterPrepare' => ['bicf\securityheaders\Response','addSecurityHeaders'],`
`15`	`15`	`* 'modules' => [`
`16`	`16`	`* 'XContentTypeOptions'=>[`
`17`	`17`	`* 'class' => 'bicf\securityheaders\modules\HeaderXContentTypeOptions',`
`@@ -93,11 +93,11 @@ public function init()`
`93`	`93`	`/**`
`94`	`94`	`*`
`95`	`95`	`*/`
`96`		`- public static function modulesSendHeaders($event)`
	`96`	`+ public static function addSecurityHeaders($event)`
`97`	`97`	`{`
`98`	`98`	`/** @var $event->sender \bicf\securityheaders\components\Response */`
`99`	`99`	`foreach ($event->sender->modules as $module){`
`100`		`- $module->send();`
	`100`	`+ $module->run();`
`101`	`101`	`}`
`102`	`102`	`}`
`103`	`103`	`}`
Original file line number	Diff line number	Diff line change
`@@ -18,11 +18,12 @@ public function init()`
`18`	`18`	`}`
`19`	`19`	`}`
`20`	`20`
`21`		`- public function send()`
	`21`	`+ public function run()`
`22`	`22`	`{`
`23`	`23`	`if(!$this->enabled){`
`24`	`24`	`return;`
`25`	`25`	`}`
`26`		`- \Yii::$app->response->headers->set('Access-Control-Allow-Methods',$this->value);`
	`26`	`+// new Header`
	`27`	`+ \Yii::$app->response->headers->add('Access-Control-Allow-Methods',$this->value);`
`27`	`28`	`}`
`28`	`29`	`}`
Original file line number	Diff line number	Diff line change
`@@ -10,14 +10,14 @@ class HeaderAccessControlAllowOrigin extends HeaderModuleBase`
`10`	`10`	`{`
`11`	`11`	`public $value;`
`12`	`12`
`13`		`- public function send()`
	`13`	`+ public function run()`
`14`	`14`	`{`
`15`	`15`	`if(!$this->enabled){`
`16`	`16`	`return;`
`17`	`17`	`}`
`18`	`18`	`if($this->value === null){`
`19`	`19`	`return;`
`20`	`20`	`}`
`21`		`- \Yii::$app->response->headers->set('Access-Control-Allow-Origin',$this->value);`
	`21`	`+ \Yii::$app->response->headers->add('Access-Control-Allow-Origin',$this->value);`
`22`	`22`	`}`
`23`	`23`	`}`
Original file line number	Diff line number	Diff line change
`@@ -36,7 +36,7 @@ abstract class HeaderContentSecurityPolicyBase extends HeaderModuleBase`
`36`	`36`	`/**`
`37`	`37`	`* add the security header`
`38`	`38`	`*/`
`39`		`- public function send(){`
	`39`	`+ public function run(){`
`40`	`40`	`if(!$this->enabled){`
`41`	`41`	`return;`
`42`	`42`	`}`
`@@ -50,7 +50,7 @@ public function send(){`
`50`	`50`	`$value .="$sep$k $v";`
`51`	`51`	`$sep ="; ";`
`52`	`52`	`}`
`53`		`- \Yii::$app->response->headers->set($this->headerName,$value);`
	`53`	`+ \Yii::$app->response->headers->add($this->headerName,$value);`
`54`	`54`	`}`
`55`	`55`
`56`	`56`	`public function injectBehavior(Response $response)`
Original file line number	Diff line number	Diff line change
`@@ -15,5 +15,5 @@ interface HeaderModuleInterface`
`15`	`15`	`{`
`16`	`16`	`public function init();`
`17`	`17`	`public function injectBehavior(Response $response);`
`18`		`- public function send();`
	`18`	`+ public function run();`
`19`	`19`	`}`
Original file line number	Diff line number	Diff line change
`@@ -20,11 +20,11 @@ public function init()`
`20`	`20`	`}`
`21`	`21`
`22`	`22`
`23`		`- public function send()`
	`23`	`+ public function run()`
`24`	`24`	`{`
`25`	`25`	`if(!$this->enabled){`
`26`	`26`	`return;`
`27`	`27`	`}`
`28`		`- \Yii::$app->response->headers->set('X-Content-Type-Options',$this->value);`
	`28`	`+ \Yii::$app->response->headers->add('X-Content-Type-Options',$this->value);`
`29`	`29`	`}`
`30`	`30`	`}`