/**
* Origin Trials tokens.
*
- * @since 1.34
+ * @since 1.33
* @var array
*/
$wgOriginTrials = [];
*
* @warning EXPERIMENTAL!
*
- * @since 1.34
+ * @since 1.33
* @var bool
*/
$wgPriorityHints = false;
*
* @warning EXPERIMENTAL!
*
- * @since 1.34
+ * @since 1.33
* @var bool
*/
$wgElementTiming = false;
+/**
+ * Expiry of the endpoint definition for the Reporting API.
+ *
+ * @warning EXPERIMENTAL!
+ *
+ * @since 1.34
+ * @var int
+ */
+$wgReportToExpiry = 86400;
+
+/**
+ * List of endpoints for the Reporting API.
+ *
+ * @warning EXPERIMENTAL!
+ *
+ * @since 1.34
+ * @var array
+ */
+$wgReportToEndpoints = [];
+
+/**
+ * List of Feature Policy Reporting types to enable.
+ * Each entry is turned into a Feature-Policy-Report-Only header.
+ *
+ * @warning EXPERIMENTAL!
+ *
+ * @since 1.34
+ * @var array
+ */
+$wgFeaturePolicyReportOnly = [];
+
/**
* For really cool vim folding this needs to be at the end:
* vim: foldmarker=@{,@} foldmethod=marker
return $config->get( 'OriginTrials' );
}
+ private function getReportTo() {
+ $config = $this->getConfig();
+
+ $expiry = $config->get( 'ReportToExpiry' );
+
+ if ( !$expiry ) {
+ return false;
+ }
+
+ $endpoints = $config->get( 'ReportToEndpoints' );
+
+ if ( !$endpoints ) {
+ return false;
+ }
+
+ $output = [ 'max_age' => $expiry, 'endpoints' => [] ];
+
+ foreach ( $endpoints as $endpoint ) {
+ $output['endpoints'][] = [ 'url' => $endpoint ];
+ }
+
+ return json_encode( $output, JSON_UNESCAPED_SLASHES );
+ }
+
+ private function getFeaturePolicyReportOnly() {
+ $config = $this->getConfig();
+
+ $features = $config->get( 'FeaturePolicyReportOnly' );
+ return implode( ';', $features );
+ }
+
/**
* Send cache control HTTP headers
*/
$response->header( "Origin-Trial: $originTrial", false );
}
+ $reportTo = $this->getReportTo();
+ if ( $reportTo ) {
+ $response->header( "Report-To: $reportTo" );
+ }
+
+ $featurePolicyReportOnly = $this->getFeaturePolicyReportOnly();
+ if ( $featurePolicyReportOnly ) {
+ $response->header( "Feature-Policy-Report-Only: $featurePolicyReportOnly" );
+ }
+
ContentSecurityPolicy::sendHeaders( $this );
if ( $this->mArticleBodyOnly ) {