/**
* Do whatever processing this filter needs to do.
* By default it should not return anything during
* normal execution. However, when an abnormal state
* is found, it should return an instance of
* CodeIgniter\HTTP\Response. If it does, script
* execution will end and that Response will be
* sent back to the client, allowing for error pages,
* redirects, etc.
*
* @param \CodeIgniter\HTTP\RequestInterface $request
*
* @return mixed
*/
public function before(RequestInterface $request)
{
if ($request->isCLI()) {
return;
}
$security = Services::security();
$security->CSRFVerify($request);
}
/**
* CSRF Set Cookie
*
* @codeCoverageIgnore
* @param RequestInterface $request
* @return $this
*/
public function CSRFSetCookie(RequestInterface $request)
{
$expire = time() + $this->CSRFExpire;
$secure_cookie = (bool) $this->cookieSecure;
if ($secure_cookie && !$request->isSecure()) {
return false;
}
setcookie($this->CSRFCookieName, $this->CSRFHash, $expire, $this->cookiePath, $this->cookieDomain, $secure_cookie, true);
log_message('info', 'CSRF cookie sent');
return $this;
}
/**
* Determines the best language to use based on the $supported
* types the application says it supports, and the types requested
* by the client.
*
* If no match is found, the first, highest-ranking client requested
* type is returned.
*
* @param array $supported
*
* @return string
*/
public function language(array $supported) : string
{
return $this->getBestMatch($supported, $this->request->getHeader('accept-language'));
}
