/** @inheritdoc */
public function __construct(array $settings = [])
{
$this->_request = IfSet::get($settings, 'request', Request::createFromGlobals());
$this->_response = IfSet::get($settings, 'response', Response::create());
$this->_container = null;
parent::__construct($settings);
}
/**
* @param string $host The host of the entry, or "*" for all
* @param int $port The port of the entry
* @param string $scheme The scheme of the entry
* @param array $allowedVerbs The verbs allowed for the entry. Defaults to all verbs being allowed
*/
public function __construct($host = null, $port = null, $scheme = null, $allowedVerbs = null)
{
$this->_host = strtolower($host ?: IfSet::get($_SERVER, 'HTTP_HOST'));
if (static::WIDE_OPEN != $this->_host) {
$this->_port = $port ?: IfSet::get($_SERVER, 'SERVER_PORT');
$this->_scheme = $scheme ?: 'http' . (IfSet::getBool($_SERVER, 'HTTPS') ? 's' : null);
// Ignore standard ports
'https' == $this->_scheme && 443 == $this->_port && ($this->_port = null);
'http' == $this->_scheme && 80 == $this->_port && ($this->_port = null);
}
$this->_allowedVerbs = $allowedVerbs ?: [Verbs::GET, Verbs::POST, Verbs::PUT, Verbs::DELETE, Verbs::PATCH, Verbs::MERGE, Verbs::COPY, Verbs::OPTIONS];
}
/**
* @param string|array $origin The parse_url value of origin
* @param array $additional Additional origin(s) to allow
* @param bool $isStar Set to true if the allowed origin is "*"
*
* @return bool|array false if not allowed, otherwise array of verbs allowed
*/
protected function _checkOrigin($origin, array $additional = [], &$isStar = false)
{
$_checklist = array_merge($this->_whitelist, $additional);
foreach ($_checklist as $_hostInfo) {
// Always start with defaults
$_allowedVerbs = $this->_verbs;
$_whiteGuy = $_hostInfo;
if (is_array($_hostInfo)) {
// If is_enabled prop not there, assuming enabled.
if (!Scalar::boolval(IfSet::get($_hostInfo, 'is_enabled', true))) {
continue;
}
if (null === ($_whiteGuy = IfSet::get($_hostInfo, 'host'))) {
$this->_logger->error('whitelist entry missing "host" parameter');
continue;
}
if (isset($_hostInfo['verbs'])) {
if (!in_array(Verbs::OPTIONS, $_hostInfo['verbs'])) {
// add OPTION to allowed list
$_hostInfo['verbs'][] = Verbs::OPTIONS;
}
$_allowedVerbs = $_hostInfo['verbs'];
}
}
// All allowed?
if (static::ALLOW_ALL == $_whiteGuy) {
$isStar = true;
return $_allowedVerbs;
}
if (false === ($_whiteParts = Uri::parse($_whiteGuy))) {
$this->_logger->error('unable to parse "' . $_whiteGuy . '" whitelist entry');
continue;
}
$this->_logger->debug('whitelist "' . $_whiteGuy . '" > parts: ' . print_r($_whiteParts, true));
// Check for un-parsed origin, 'null' sent when testing js files locally
if (is_array($origin) && Uri::compare($origin, $_whiteParts)) {
// This origin is on the whitelist
return $_allowedVerbs;
}
}
return false;
}
