agent foundation
This commit is contained in:
@@ -52,6 +52,7 @@ final class EnvValidator
|
||||
);
|
||||
}
|
||||
|
||||
// Validation is on by default; set APP_CONFIG_VALIDATE=false to skip (e.g. in CI without full env).
|
||||
public static function isValidationEnabled(): bool
|
||||
{
|
||||
$raw = getenv('APP_CONFIG_VALIDATE');
|
||||
@@ -188,6 +189,7 @@ final class EnvValidator
|
||||
}
|
||||
}
|
||||
|
||||
// Production-only hard requirements: HTTPS, real hostname, crypto key, debug off, strict tenant scope.
|
||||
if ($appEnv === 'prod') {
|
||||
if ($appUrl !== '' && $appUrlIsValid) {
|
||||
$appUrlScheme = strtolower((string) parse_url($appUrl, PHP_URL_SCHEME));
|
||||
@@ -270,6 +272,7 @@ final class EnvValidator
|
||||
return array_values(array_filter(array_map('trim', explode(',', $value))));
|
||||
}
|
||||
|
||||
// Accepts either 64-char hex (32 bytes) or base64-encoded 32 bytes — both produce a 256-bit key.
|
||||
private static function isValidCryptoKey(string $value): bool
|
||||
{
|
||||
if (preg_match('/^[a-f0-9]{64}$/i', $value) === 1) {
|
||||
|
||||
Reference in New Issue
Block a user