| [ Index ] |
PHP Cross Reference of phpBB-3.2.11-deutsch |
[Summary view] [Print] [Text view]
1 <?php 2 3 /* 4 * This file is part of the Symfony package. 5 * 6 * (c) Fabien Potencier <fabien@symfony.com> 7 * 8 * For the full copyright and license information, please view the LICENSE 9 * file that was distributed with this source code. 10 */ 11 12 namespace Symfony\Component\HttpKernel\EventListener; 13 14 use Symfony\Component\EventDispatcher\EventSubscriberInterface; 15 use Symfony\Component\HttpFoundation\Request; 16 use Symfony\Component\HttpKernel\Event\GetResponseEvent; 17 use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; 18 use Symfony\Component\HttpKernel\KernelEvents; 19 use Symfony\Component\HttpKernel\UriSigner; 20 21 /** 22 * Handles content fragments represented by special URIs. 23 * 24 * All URL paths starting with /_fragment are handled as 25 * content fragments by this listener. 26 * 27 * If throws an AccessDeniedHttpException exception if the request 28 * is not signed or if it is not an internal sub-request. 29 * 30 * @author Fabien Potencier <fabien@symfony.com> 31 */ 32 class FragmentListener implements EventSubscriberInterface 33 { 34 private $signer; 35 private $fragmentPath; 36 37 /** 38 * @param UriSigner $signer A UriSigner instance 39 * @param string $fragmentPath The path that triggers this listener 40 */ 41 public function __construct(UriSigner $signer, $fragmentPath = '/_fragment') 42 { 43 $this->signer = $signer; 44 $this->fragmentPath = $fragmentPath; 45 } 46 47 /** 48 * Fixes request attributes when the path is '/_fragment'. 49 * 50 * @throws AccessDeniedHttpException if the request does not come from a trusted IP 51 */ 52 public function onKernelRequest(GetResponseEvent $event) 53 { 54 $request = $event->getRequest(); 55 56 if ($this->fragmentPath !== rawurldecode($request->getPathInfo())) { 57 return; 58 } 59 60 if ($request->attributes->has('_controller')) { 61 // Is a sub-request: no need to parse _path but it should still be removed from query parameters as below. 62 $request->query->remove('_path'); 63 64 return; 65 } 66 67 if ($event->isMasterRequest()) { 68 $this->validateRequest($request); 69 } 70 71 parse_str($request->query->get('_path', ''), $attributes); 72 $request->attributes->add($attributes); 73 $request->attributes->set('_route_params', array_replace($request->attributes->get('_route_params', array()), $attributes)); 74 $request->query->remove('_path'); 75 } 76 77 protected function validateRequest(Request $request) 78 { 79 // is the Request safe? 80 if (!$request->isMethodSafe(false)) { 81 throw new AccessDeniedHttpException(); 82 } 83 84 // is the Request signed? 85 // we cannot use $request->getUri() here as we want to work with the original URI (no query string reordering) 86 if ($this->signer->check($request->getSchemeAndHttpHost().$request->getBaseUrl().$request->getPathInfo().(null !== ($qs = $request->server->get('QUERY_STRING')) ? '?'.$qs : ''))) { 87 return; 88 } 89 90 throw new AccessDeniedHttpException(); 91 } 92 93 /** 94 * @deprecated since version 2.3.19, to be removed in 3.0. 95 * 96 * @return string[] 97 */ 98 protected function getLocalIpAddresses() 99 { 100 @trigger_error('The '.__METHOD__.' method is deprecated since Symfony 2.3.19 and will be removed in 3.0.', E_USER_DEPRECATED); 101 102 return array('127.0.0.1', 'fe80::1', '::1'); 103 } 104 105 public static function getSubscribedEvents() 106 { 107 return array( 108 KernelEvents::REQUEST => array(array('onKernelRequest', 48)), 109 ); 110 } 111 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Nov 11 20:33:01 2020 | Cross-referenced by PHPXref 0.7.1 |