Improved in-file documentation.

src/ContentSecurityPolicy.php

@@ -1,23 +1,39 @@
 <?php
 
 namespace WPH\Security;
-
+/**
+ * Helps configuring the Content-Security-Policy header and all possible arguments.
+ *
+ * @since  1.2.0
+ * @author  WP Helpers | Carlos Matos
+ *
+ *
+ */
 class ContentSecurityPolicy
 {
 	public $policies = [];
 
-	public $ReportOnly = false;
+	public $reportOnly = false;
 
+	/**
+	 * Retrieves the value of the built CSP header.
+	 *
+	 * @return  $csp  string  Complete value for the CSP header.
+	 */
 	public function get()
 	{
 		$csp = implode('; ', $this->policies);
 
 		return $csp;
 	}
 
-	public function ReportOnly()
+	/**
+	 * Sets CSP header as Report Only
+	 * @since  1.2.0
+	 */
+	public function reportOnly()
 	{
-		$this->ReportOnly = true;
+		$this->reportOnly = true;
 	}
 
 	/**

src/Headers.php

@@ -1,9 +1,20 @@
 <?php
 
 namespace WPH\Security;
-
+/**
+ * Applies default HTTPS headers to WP websites and allows further config.
+ * Accepts additional class injections to handle complex headers and cookies.
+ *
+ * @since  1.0.0
+ * @uses  WPH\Security\ContentSecurityPolicy
+ * @author  WP Helpers | Carlos Matos
+ */
 class Headers {
 
+    /**
+     * Preconfigured headers.
+     * @var  $toApply  array  Array of preconfigured HTTPs headers.
+     */
     public $toApply = [
     	'X-Frame-Options' => 'SAMEORIGIN',
     	'X-Content-Type-Options' => 'nosniff',
@@ -12,10 +23,23 @@ class Headers {
     	'Strict-Transport-Security' => 'max-age=31536000; includeSubDomains',
     	'Expect-CT' => '',
     ];
-
+    /**
+     * Report log location URI.
+     * @var  $report_uri  string  URL to report file.
+     */
     public $report_uri;
 
-    public function __construct(ContentSecurityPolicy $csp = null) {
+    /**
+     * Class constructor.
+     *
+     * @since  1.0.0
+     * @author  WP Helpers | Carlos Matos
+     *
+     * @param  $csp  object  COntentSecurityPolicy instance.
+     * @return  void()
+     *
+     */
+    public function __construct(\WPH\Security\ContentSecurityPolicy $csp = null) {
 
     	if (!file_exists(WP_CONTENT_DIR . '/security/')) {
 			mkdir(WP_CONTENT_DIR . '/security/', 0777, true);
@@ -36,6 +60,12 @@ public function __construct(ContentSecurityPolicy $csp = null) {
 
     }
 
+    /**
+     * Adds headers after the class instance.
+     *
+     * @internal
+     * @since  1.0.0
+     */
     public function add() {
 
     	foreach ($this->toApply as $key => $value) {
@@ -45,11 +75,25 @@ public function add() {
 
     }
 
+    /**
+     * Allows adding new headers after the class instance.
+     *
+     * @param  $header  string  Name of the header.
+     * @param  $value  string  Value and arguments for this header.
+     *
+     * @since  1.0.0
+     */
     public function set(string $header, string $value) {
 
     	$this->toApply[$header] = $value;
     }
 
+    /**
+     * Retrieves an array of all headers to be set.
+     *
+     * @since 1.0.0
+     * @return  $this->toApply  array
+     */
     public static function list() {
 
     	return $this->toApply;