Aidan Woods

Oops I left this a while longer than I wanted too 😬 I'll pick up on this up later today hopefully

This seems like a reasonable thing to do, I'll put this in the next feature release. I'm about to start re-writing some of the internals, including CSP related stuff (part...

> I would not drop support for PHP 5.4, since the latest Ubuntu LTS version is served with that version. Then, you may not be able to use this library...

Ironic that they're shipping software that won't receive any security updates then, isn't it? 😉 On Thu, 3 Aug 2017 at 09:53, Jens Hausdorf wrote: > If Ubuntu LTS is...

Unfortunately PHP 5.4 won't be maintained till then (it is not maintained currently, or even recently). As said previous, having dead (and unsafe) software on LTS an issue for Ubuntu...

Would you not find it confusing when using methods that cannot return the current instance? E.g. https://github.com/aidantwoods/SecureHeaders/wiki/cspNonce

Also just as a btw, no need to call `->auto` if you're not passing it any arguments :) See: https://github.com/aidantwoods/SecureHeaders/wiki/auto > [...] If unconfigured, the default setting is SecureHeaders::AUTO_ALL.

> No, I wouldn't as soon as it's clear that this is a getter, so I would call it `getCspNonce(...$args)` instead. Hmm... it's not a "pure" getter though (as-in: it...

I think it'll have to be a no for now. I may revisit in future though. --- As an aside: just some thoughts on method chaining, having a think about...

I can definely agree with it not being terribly nice :p Perhaps this should be split into seperate methods to generate + add, and then subsequently get the nonce?