Skip to content

Commit 5140773

Browse files
michalsnmichalsn
authored
refactor: keep CSP lazy when resetting Kint in worker mode (#10147)
1 parent 0d51e00 commit 5140773

2 files changed

Lines changed: 35 additions & 4 deletions

File tree

system/CodeIgniter.php

Lines changed: 13 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,8 @@
3939
use Config\Cache;
4040
use Config\Feature;
4141
use Config\Services;
42+
use Kint\Kint;
43+
use Kint\Renderer\RichRenderer;
4244
use Locale;
4345
use ReflectionFunction;
4446
use ReflectionFunctionAbstract;
@@ -207,10 +209,17 @@ private function resetKintForWorkerMode(): void
207209
return;
208210
}
209211

210-
$csp = service('csp');
211-
if ($csp->enabled()) {
212-
RichRenderer::$js_nonce = $csp->getScriptNonce();
213-
RichRenderer::$css_nonce = $csp->getStyleNonce();
212+
// Keep CSP lazy unless it was already initialized or explicitly enabled.
213+
if (Services::has('csp') || config(App::class)->CSPEnabled) {
214+
$csp = service('csp');
215+
216+
if ($csp->enabled()) {
217+
RichRenderer::$js_nonce = $csp->getScriptNonce();
218+
RichRenderer::$css_nonce = $csp->getStyleNonce();
219+
} else {
220+
RichRenderer::$js_nonce = null;
221+
RichRenderer::$css_nonce = null;
222+
}
214223
} else {
215224
RichRenderer::$js_nonce = null;
216225
RichRenderer::$css_nonce = null;

tests/system/CodeIgniterTest.php

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1306,4 +1306,26 @@ public function testResetForWorkerMode(): void
13061306
$this->assertSame($csp->getStyleNonce(), RichRenderer::$css_nonce);
13071307
$this->assertTrue(RichRenderer::$needs_pre_render);
13081308
}
1309+
1310+
public function testResetForWorkerModeDoesNotLoadCspWhenDisabled(): void
1311+
{
1312+
$this->resetServices();
1313+
1314+
config(App::class)->CSPEnabled = false;
1315+
1316+
RichRenderer::$js_nonce = 'stale-script-nonce';
1317+
RichRenderer::$css_nonce = 'stale-style-nonce';
1318+
RichRenderer::$needs_pre_render = false;
1319+
1320+
$codeigniter = new MockCodeIgniter(new App());
1321+
1322+
$this->assertFalse(Services::has('csp'));
1323+
1324+
$codeigniter->resetForWorkerMode();
1325+
1326+
$this->assertFalse(Services::has('csp'));
1327+
$this->assertNull(RichRenderer::$js_nonce);
1328+
$this->assertNull(RichRenderer::$css_nonce);
1329+
$this->assertTrue(RichRenderer::$needs_pre_render);
1330+
}
13091331
}

0 commit comments

Comments
 (0)