cspService = $cspService; $this->cache = $cache; } /** * Fetch our custom HTML head content prepared for use on web pages. * Content has a nonce applied for CSP. */ public function forWeb(): string { $content = $this->getSourceContent(); $hash = md5($content); $html = $this->cache->remember('custom-head-web:' . $hash, 86400, function () use ($content) { return HtmlNonceApplicator::prepare($content); }); return HtmlNonceApplicator::apply($html, $this->cspService->getNonce()); } /** * Fetch our custom HTML head content prepared for use in export formats. * Scripts are stripped to avoid potential issues. */ public function forExport(): string { $content = $this->getSourceContent(); $hash = md5($content); return $this->cache->remember('custom-head-export:' . $hash, 86400, function () use ($content) { return HtmlContentFilter::removeScriptsFromHtmlString($content); }); } /** * Get the original custom head content to use. */ protected function getSourceContent(): string { return setting('app-custom-head', ''); } }