From 2fbc97e375c3dfd4c0dbdbd602e90e0a0c95be3d Mon Sep 17 00:00:00 2001
From: Derick Alangi
Date: Wed, 20 Mar 2019 22:51:56 +0100
Subject: [PATCH] CSP: Minor cleanup in ContentSecurityPolicy.php

Cleanups include;
- Remove elseif() path for cases where if has a return state and instead convert the elseif() into an if.
- Fix PHPDoc for non-existent parameter. Corrected parameter name.
- Add @throws phpdoc annotation for a method that could throw an exception.
- Remove unnecessary parentheses.
- Make sure line doesn't exceed 100 characters.
Change-Id: Ic2d882ae0c6f3859b5a268b1bfb50c8eafa294d9
---
 includes/ContentSecurityPolicy.php | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/includes/ContentSecurityPolicy.php b/includes/ContentSecurityPolicy.php
index 62160461c9..be598eae83 100644
--- a/includes/ContentSecurityPolicy.php
+++ b/includes/ContentSecurityPolicy.php
@@ -98,11 +98,14 @@ class ContentSecurityPolicy {
 *
 * @param int $reportOnly Either self::REPORT_ONLY_MODE or self::FULL_MODE
 * @return string Name of http header
+ * @throws UnexpectedValueException
 */
 private function getHeaderName( $reportOnly ) {
 if ( $reportOnly === self::REPORT_ONLY_MODE ) {
 return 'Content-Security-Policy-Report-Only';
- } elseif ( $reportOnly === self::FULL_MODE ) {
+ }
+
+ if ( $reportOnly === self::FULL_MODE ) {
 return 'Content-Security-Policy';
 }
 throw new UnexpectedValueException( $reportOnly );
@@ -111,7 +114,8 @@ class ContentSecurityPolicy {
 /**
 * Determine what CSP policies to set for this page
 *
- * @param array|bool $config Policy configuration (Either $wgCSPHeader or $wgCSPReportOnlyHeader)
+ * @param array|bool $policyConfig Policy configuration
+ * (Either $wgCSPHeader or $wgCSPReportOnlyHeader)
 * @param int $mode self::REPORT_ONLY_MODE, self::FULL_MODE
 * @return string Policy directives, or empty string for no policy.
 */
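Review bot: The `throw new UnexpectedValueException( $reportOnly );` at the end of the first hunk (getHeaderName) passes the raw mode value as the exception message, so a bad call shows up in logs as a bare number, and a non-scalar argument would presumably fail with a type error rather than the exception the new `@throws` tag documents. Because this header name decides whether the policy is enforced or only reported, a descriptive message makes a wrong mode easier to notice: `throw new UnexpectedValueException( 'Invalid CSP mode: ' . var_export( $reportOnly, true ) );`. The docblock opening and the method's closing brace are outside the hunk.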
@@ -152,8 +156,8 @@ class ContentSecurityPolicy {
 }
 }
 // Note: default on if unspecified.
- if ( ( !isset( $policyConfig['unsafeFallback'] )
- || $policyConfig['unsafeFallback'] )
+ if ( !isset( $policyConfig['unsafeFallback'] )
+ || $policyConfig['unsafeFallback']
 ) {
 // unsafe-inline should be ignored on browsers
 // that support 'nonce-foo' sources.
-- 
2.20.1
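Review bot: The comment `// Note: default on if unspecified.` above this condition understates a security-relevant default. `isset( $policyConfig['unsafeFallback'] )` is also false when `$policyConfig` is `true` rather than an array, which the `array|bool` docblock in the second hunk allows if it documents this same function, so the fallback is enabled in that case too. Judging by the trailing comment, the body outside the hunk adds 'unsafe-inline', which browsers without nonce support will honour, leaving inline scripts unrestricted there. I would say so in the comment, e.g. `// Note: default on if unspecified or if $policyConfig is true; browsers without nonce support will honour unsafe-inline.`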