Plugins: Allow changing CSP by more plugins

CHANGELOG.md

@@ -3,6 +3,7 @@
 - Elasticsearch: Make it work with Elasticsearch 8
 - CSS: Hide menu on mobile
 - CSS: Invert icons in dark mode
+- Plugins: Allow changing CSP by more plugins
 
 ## Adminer 5.1.0 (released 2025-03-24)
 - Display collation at table structure if different from table

adminer/include/adminer.inc.php

@@ -86,10 +86,11 @@ class Adminer {
 	}
 
 	/** Get Content Security Policy headers
-	* @return list<string[]> of arrays with directive name in key, allowed sources in value
+	* @param list<string[]> $csp of arrays with directive name in key, allowed sources in value
+	* @return list<string[]> same as $csp
 	*/
-	function csp(): array {
-		return csp();
+	function csp(array $csp): array {
+		return $csp;
 	}
 
 	/** Print HTML code inside <head>

adminer/include/design.inc.php

@@ -133,7 +133,7 @@ function page_headers(): void {
 	header("X-XSS-Protection: 0"); // prevents introducing XSS in IE8 by removing safe parts of the page
 	header("X-Content-Type-Options: nosniff");
 	header("Referrer-Policy: origin-when-cross-origin");
-	foreach (adminer()->csp() as $csp) {
+	foreach (adminer()->csp(csp()) as $csp) {
 		$header = array();
 		foreach ($csp as $key => $val) {
 			$header[] = "$key $val";

editor/include/adminer.inc.php

@@ -59,8 +59,8 @@ class Adminer {
 	function headers() {
 	}
 
-	function csp() {
-		return csp();
+	function csp($csp) {
+		return $csp;
 	}
 
 	function head($dark = null) {

plugins/version-github.php

@@ -26,9 +26,7 @@ verifyVersion = (current, url, token) => {
 <?php
 	}
 
-	function csp() {
-		$csp = Adminer\csp();
+	function csp(&$csp) {
 		$csp[0]["connect-src"] .= " https://api.github.com/repos/vrana/adminer/releases/latest";
-		return $csp;
 	}
 }