chore: send server policies, check for responder in middlewares

6d3718b8 · Mateusz Charytoniuk · 8c393919 · 6d3718b8 · 6d3718b8 · 6d3718b8
Commit 6d3718b8 authored 1 year ago by Mateusz Charytoniuk
--- a/src/HttpMiddleware/ContentSecurityPolicyMiddleware.php
+++ b/src/HttpMiddleware/ContentSecurityPolicyMiddleware.php
@@ -17,7 +17,6 @@ use Distantmagic\Resonance\SecurityPolicyHeaders;
 use Distantmagic\Resonance\SingletonCollection;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
-use RuntimeException;
 /**
 * @template-extends HttpMiddleware<ContentSecurityPolicy>
@@ -39,17 +38,8 @@ readonly class ContentSecurityPolicyMiddleware extends HttpMiddleware
        Attribute $attribute,
        HttpInterceptableInterface|HttpResponderInterface $next,
    ): HttpInterceptableInterface|HttpResponderInterface {
-        if (!($next instanceof HttpResponderInterface)) {
-            throw new RuntimeException(sprintf(
-                '"%s" can only handle "%s", got: "%s"',
-                self::class,
-                HttpResponderInterface::class,
-                $next::class,
-            ));
-        }
        return new Override(
-            responder: $next,
+            responder: Override::assertResponder($next),
            request: $request,
            response: match ($attribute->contentSecurityPolicyType) {
                ContentSecurityPolicyType::Html => $this->securityPolicyHeaders->sendTemplatedPagePolicyHeaders($request, $response),

--- a/src/HttpResponder/Override.php
+++ b/src/HttpResponder/Override.php
@@ -7,11 +7,21 @@ namespace Distantmagic\Resonance\HttpResponder;
 use Distantmagic\Resonance\HttpInterceptableInterface;
 use Distantmagic\Resonance\HttpResponder;
 use Distantmagic\Resonance\HttpResponderInterface;
+use InvalidArgumentException;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
 readonly class Override extends HttpResponder
 {
+    public static function assertResponder(HttpInterceptableInterface|HttpResponderInterface $responder): HttpResponderInterface
+    {
+        if (!($responder instanceof HttpResponderInterface)) {
+            throw new InvalidArgumentException('The responder must be an instance of '.HttpResponderInterface::class);
+        }
+        return $responder;
+    }
    public function __construct(
        private HttpResponderInterface $responder,
        private ServerRequestInterface $request,

--- a/src/SecurityPolicyHeaders.php
+++ b/src/SecurityPolicyHeaders.php
@@ -20,7 +20,9 @@ final readonly class SecurityPolicyHeaders
    {
        return $this->sendCrossOriginPolicies(
            $this->sendRefererPolicies(
-                $this->sendXPolicies($response)
+                $this->sendXPolicies(
+                    $this->sendServer($response)
+                )
            )
        )
            ->withHeader('cache-control', 'public, max-age=31536000, immutable')