 /**
  * Runs an HTTP request through the given middleware chain and returns the response.
  *
  * The request is entered into the scope for the duration of the call. The finally block
  * leaves it again and re-enters whatever enter() returned (presumably the request that was
  * active before; confirm against the scope implementation), also when dispatching throws.
  *
  * A response without a Cache-Control header gets 'max-age=0, no-cache'.
  *
  * @param HttpRequest $request Request to dispatch.
  * @param MiddlewareChain $chain Chain wrapped into a DispatchRequest.
  * @param bool $sendResponseEvent When true, a SendResponseEvent is notified and an existing
  *                                entity is replaced by a StringEntity built from getContents().
  * @return mixed Response produced by the chain (exact type is not visible in this excerpt).
  */
 public function handleRequest(HttpRequest $request, MiddlewareChain $chain, $sendResponseEvent = true)
 {
     $outerRequest = $this->scope->enter($request);
     try {
         $response = (new DispatchRequest($chain, $request))->proceed();
         if (!$response->hasHeader('Cache-Control')) {
             $response->setHeader('Cache-Control', 'max-age=0, no-cache');
         }
         if (!$sendResponseEvent) {
             return $response;
         }
         $event = new SendResponseEvent($request, self::MASTER_REQUEST, $response, $this);
         $this->dispatcher->notify($event);
         if ($response->hasEntity()) {
             // Pass false so the response is not prepared again: headers derived from the
             // previous entity must be preserved.
             $response->setEntity(new StringEntity($response->getContents()), false);
         }
         return $response;
     } finally {
         $this->scope->leave($request);
         if (NULL !== $outerRequest) {
             $this->scope->enter($outerRequest);
         }
     }
 }
 /**
  * Passes the request to the next queued middleware, or to the dispatcher once
  * no middleware is left.
  *
  * @param DispatchRequest $request Request travelling through the chain.
  * @return mixed Result of the middleware or of the dispatcher.
  */
 public function process(DispatchRequest $request)
 {
     if (!$this->middlewares->isEmpty()) {
         // extract() hands out the next middleware of the queue.
         return $this->middlewares->extract()->process($request);
     }
     // End of the chain: dispatch as master or sub request.
     if ($request->isMaster()) {
         $type = DispatcherInterface::MASTER_REQUEST;
     } else {
         $type = DispatcherInterface::SUB_REQUEST;
     }
     return $this->dispatcher->process($request->getHttpRequest(), $type);
 }
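 /**
  * Serves published static resources for master requests below the "_res/" path prefix.
  *
  * "_res/app/<file>" is mapped to "k2://app/<file>", "_res/<name>/<file>" to
  * "k2://<name>/<file>". Sub requests and all other paths go to the next middleware.
  *
  * Outcomes: 404 for a malformed path, a path containing a ".." segment or NUL byte, or a
  * resource that is not a file; 403 when the publisher does not treat the resource as
  * public; 304 when If-None-Match equals the computed ETag; otherwise the file itself
  * with caching headers, a permissive CORS header and "nosniff".
  *
  * @param DispatchRequest $dispatch Request travelling through the chain.
  * @return mixed An HttpResponse, or whatever proceed() returns.
  */
 public function process(DispatchRequest $dispatch)
 {
     if (!$dispatch->isMaster()) {
         return $dispatch->proceed();
     }
     $request = $dispatch->getHttpRequest();
     $path = $request->getPathInfo();
     $m = NULL;
     if (!preg_match("'^_res/+(.+)\$'i", $path, $m)) {
         return $dispatch->proceed();
     }
     $path = $m[1];
     // The path is taken from the request URL and concatenated into a stream URL below.
     // Refuse ".." segments (with either separator) and NUL bytes before the value reaches
     // is_file() and FileEntity. Whether the k2:// stream wrapper normalises such paths is
     // not visible here, so this is defence in depth next to the isPublic() check.
     if (false !== strpos($path, "\0") || in_array('..', explode('/', strtr($path, '\\', '/')), true)) {
         return new HttpResponse(Http::CODE_NOT_FOUND);
     }
     if ('app/' === substr($path, 0, 4)) {
         $resource = 'k2://app/' . substr($path, 4);
     } else {
         // Anything else needs at least "<name>/<file>".
         $parts = explode('/', $path, 2);
         if (count($parts) !== 2) {
             return new HttpResponse(Http::CODE_NOT_FOUND);
         }
         $resource = 'k2://' . $parts[0] . '/' . $parts[1];
     }
     // NOTE(review): existence is checked before publication, so 404 versus 403 tells a
     // client whether a non-public file exists. The status codes are kept because callers
     // may rely on them; consider answering 404 in both cases.
     if (!is_file($resource)) {
         return new HttpResponse(Http::CODE_NOT_FOUND);
     }
     if (!$this->publisher->isPublic($resource)) {
         return new HttpResponse(Http::CODE_FORBIDDEN);
     }
     $response = new HttpResponse();
     // Conditional caching: the validator is derived from modification time and size.
     $etag = sprintf('"%x-%x"', filemtime($resource), filesize($resource));
     // NOTE(review): every public resource becomes readable from any origin. That suits
     // static assets; isPublic() should never cover user-specific content.
     $response->setHeader('Access-Control-Allow-Origin', '*');
     $response->setHeader('Cache-Control', 'public, max-age=7200');
     $response->setHeader('ETag', $etag);
     $response->setHeader(new ExpiresHeader(new \DateTimeImmutable('@' . (time() + 7200))));
     // Exact match only: a list of validators or a weak "W/" validator falls through to a
     // full response.
     if ($etag === $request->getHeader('If-None-Match', '')) {
         $response->setStatus(Http::CODE_NOT_MODIFIED);
         return $response;
     }
     $mediaType = new MediaType(Filesystem::guessMimeTypeFromFilename($resource));
     // The type is guessed from the file name, so tell browsers not to sniff the content.
     $response->setHeader('X-Content-Type-Options', 'nosniff');
     if ($mediaType->isType('text')) {
         $response->setHeader('Content-Type', $mediaType . '; charset="utf-8"');
     } else {
         $response->setHeader('Content-Type', (string) $mediaType);
     }
     $response->setEntity(new FileEntity(new \SplFileInfo($resource)));
     return $response;
 }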
 /**
  * Applies the first firewall that matches a master request.
  *
  * Flow, as far as this method shows it:
  *  - Sub requests are passed on untouched.
  *  - The first firewall whose matchesRequest() is true is used; later ones are not asked.
  *  - interceptRequest() may return an HttpResponse, which is returned right away. An
  *    AccessDeniedException thrown there becomes a 403.
  *  - With a firewall, an AccessDeniedException thrown further down the chain is answered
  *    with the result of the firewall's authenticate(); otherwise the response passes
  *    through interceptResponse().
  *  - Without a matching firewall the request proceeds with no interception at all, and an
  *    AccessDeniedException becomes a plain 403.
  *
  * @param DispatchRequest $request Request travelling through the chain.
  * @return mixed An HttpResponse or the result of the firewall / the chain.
  */
 public function process(DispatchRequest $request)
 {
     if (!$request->isMaster()) {
         return $request->proceed();
     }
     $httpRequest = $request->getHttpRequest();
     // Pick the first firewall responsible for this request, if any.
     $firewall = NULL;
     foreach ($this->firewalls as $candidate) {
         if ($candidate->matchesRequest($httpRequest)) {
             $firewall = $candidate;
             break;
         }
     }
     if ($firewall !== NULL) {
         try {
             $intercepted = $firewall->interceptRequest($httpRequest);
         } catch (AccessDeniedException $e) {
             return new HttpResponse(Http::CODE_FORBIDDEN);
         }
         // The firewall answered the request itself.
         if ($intercepted instanceof HttpResponse) {
             return $intercepted;
         }
     }
     try {
         if ($firewall === NULL) {
             return $request->proceed();
         }
         try {
             $response = $request->proceed();
         } catch (AccessDeniedException $e) {
             // Access was denied behind a firewall: let it start authentication.
             return $firewall->authenticate($request->getHttpRequest());
         }
         return $firewall->interceptResponse($request->getHttpRequest(), $response);
     } catch (AccessDeniedException $e) {
         // Raised without a firewall, or by authenticate() / interceptResponse().
         return new HttpResponse(Http::CODE_FORBIDDEN);
     }
 }
 /**
  * Initializes the session for a master request and issues the session cookie.
  *
  * The session is initialized from the cookie named by 'session.name' (default 'sid') when
  * the request carries one, otherwise without an identifier. After the rest of the chain
  * has run, a started session disables caching of the response, and a new session gets a
  * Set-Cookie header configured from the 'cookie' config section. The session is closed
  * before returning.
  *
  * NOTE(review): the identifier comes straight from the client cookie; rejecting or
  * regenerating unknown identifiers is left to the session object and should be confirmed
  * there. Only discard, httpOnly, path and domain are set on the cookie here. No Secure or
  * SameSite attribute is set in this method.
  * NOTE(review): close() is skipped when proceed() throws; confirm that is intended.
  *
  * @param DispatchRequest $request Request travelling through the chain.
  * @return mixed Response produced by the rest of the chain.
  */
 public function process(DispatchRequest $request)
 {
     if (!$request->isMaster() || $this->session->isInitialized()) {
         return $request->proceed();
     }
     $httpRequest = $request->getHttpRequest();
     $name = (string) $this->config->getString('session.name', 'sid');
     if (!$httpRequest->hasCookie($name)) {
         $this->session->initialize();
     } else {
         $this->session->initialize($httpRequest->getCookie($name));
     }
     $response = $request->proceed();
     if ($this->session->isStarted()) {
         // Responses that depend on a session must not be stored by caches.
         $noStore = [
             'Cache-Control' => 'no-cache,no-store,max-age=0,must-revalidate,proxy-revalidate',
             'Pragma' => 'no-cache',
             'P3P' => 'CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"',
         ];
         foreach ($noStore as $header => $value) {
             $response->setHeader($header, $value);
         }
     }
     if (!$this->session->isNew()) {
         $this->session->close();
         return $response;
     }
     $cookieConfig = $this->config->getConfig('cookie');
     // Without a configured path the cookie is scoped to the base URI of the application.
     $cookiePath = $cookieConfig->has('path')
         ? $cookieConfig->getString('path')
         : '/' . ltrim($request->getHttpRequest()->getBaseUri()->getPath() . '/', '/');
     $cookie = new SetCookieHeader($name, $this->session->getIdentifier());
     $cookie->setDiscard($cookieConfig->getBoolean('discard', true));
     $cookie->setHttpOnly($cookieConfig->getBoolean('httpOnly', true));
     $cookie->setPath($cookiePath);
     if ($cookieConfig->has('domain')) {
         $cookie->setDomain($cookieConfig->getString('domain'));
     }
     $response->setCookie($cookie);
     $this->session->close();
     return $response;
 }
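 /**
  * Answers WebDAV discovery requests sent to the application root (empty path info).
  *
  *  - OPTIONS: 204 response advertising DAV classes "1, 2, 3" and the allowed methods.
  *  - PROPFIND with Depth "0" or "1": 207 multistatus describing the root collection and,
  *    for depth "1", the "dav/" child collection.
  *  - PROPFIND with any other Depth (a missing header counts as "infinity"): 403 with the
  *    DAV:propfind-finite-depth error, so unbounded listings are refused.
  *  - Anything else is passed on to the next middleware.
  *
  * The Depth header is compared strictly. The previous loose comparison treated numeric
  * strings such as "1.0" or "01" as "1", and the outcome depended on the PHP version for
  * values with surrounding whitespace.
  *
  * @param DispatchRequest $dispatchRequest Request travelling through the chain.
  * @return mixed An HttpResponse, or whatever proceed() returns.
  */
 public function process(DispatchRequest $dispatchRequest)
 {
     $request = $dispatchRequest->getHttpRequest();
     if ($request->getPathInfo() !== '') {
         return $dispatchRequest->proceed();
     }
     // Shared by all responses built here: none of them may be cached.
     $noCache = 'no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0';
     if ($request->isOptions()) {
         $response = new HttpResponse(WebDav::CODE_NO_CONTENT);
         $response->setHeader('MS-Author-Via', 'DAV');
         $response->setHeader('DAV', '1, 2, 3');
         $response->setHeader('Allow', 'OPTIONS, PROPFIND');
         $response->setHeader('Cache-Control', $noCache);
         return $response;
     }
     // Loose comparison kept on purpose: the types of getMethod() and of the constant are
     // not visible in this excerpt.
     if ($request->getMethod() != WebDav::METHOD_PROPFIND) {
         return $dispatchRequest->proceed();
     }
     // strtolower() always yields a string, so the strict comparisons below are safe.
     $depth = strtolower($request->getHeader('Depth', 'infinity'));
     if ($depth !== '0' && $depth !== '1') {
         $response = new HttpResponse(WebDav::CODE_FORBIDDEN);
         $response->setHeader('Content-Type', 'application/xml; charset="utf-8"');
         $response->setHeader('Cache-Control', $noCache);
         $response->setEntity(function (StreamInterface $stream) {
             $xml = new XmlStreamWriter($stream);
             $xml->registerNamespace(WebDav::NS_DAV, 'D');
             $xml->startDocument();
             $xml->startElement(WebDav::NS_DAV, 'error');
             $xml->writeElement(WebDav::NS_DAV, 'propfind-finite-depth');
             $xml->endElement(); // D:error
             $xml->endDocument();
             $xml->flush();
         });
         return $response;
     }
     $response = new HttpResponse(WebDav::CODE_MULTI_STATUS);
     $response->setHeader('Content-Type', 'application/xml; charset="utf-8"');
     $response->setHeader('Cache-Control', $noCache);
     $response->setEntity(function (StreamInterface $stream) use ($request, $depth) {
         // The href is derived from the request's base URI and written through
         // writeElement(); escaping is presumably done by XmlStreamWriter (confirm there).
         $href = rtrim($request->getBaseUri(), '/') . '/';
         $xml = new XmlStreamWriter($stream);
         $xml->registerNamespace(WebDav::NS_DAV, 'D');
         $xml->registerNamespace(WebDav::NS_MS, 'ms');
         // Writes one D:response element describing a collection. Only the root entry
         // carries the D:isroot property; everything else is identical for both entries.
         $writeCollection = function ($collectionHref, $isRoot) use ($xml) {
             $xml->startElement(WebDav::NS_DAV, 'response');
             $xml->writeElement(WebDav::NS_DAV, 'href', $collectionHref);
             $xml->startElement(WebDav::NS_DAV, 'propstat');
             $xml->startElement(WebDav::NS_DAV, 'prop');
             if ($isRoot) {
                 $xml->writeElement(WebDav::NS_DAV, 'isroot', 1);
             }
             $xml->writeElement(WebDav::NS_DAV, 'iscollection', 1);
             $xml->startElement(WebDav::NS_DAV, 'resourcetype');
             $xml->writeElement(WebDav::NS_DAV, 'collection');
             $xml->endElement(); // D:resourcetype
             $xml->writeElement(WebDav::NS_DAV, 'getcontenttype', 'httpd/unix-directory');
             $xml->writeElement(WebDav::NS_DAV, 'getcontentlength', 0);
             // Fixed placeholder timestamp, as in the original code.
             $xml->writeElement(WebDav::NS_DAV, 'creationdate', gmdate(WebDav::DATE_FORMAT_TZ, 1337));
             $xml->startElement(WebDav::NS_DAV, 'getlastmodified');
             $xml->writeAttribute(WebDav::NS_MS, 'dt', 'dateTime.rfc1123');
             // The modification time of this source file stands in for the collection's.
             $xml->writeText(gmdate(WebDav::DATE_FORMAT_RFC1123, filemtime(__FILE__)));
             $xml->endElement(); // D:getlastmodified
             $xml->writeElement(WebDav::NS_DAV, 'lockdiscovery');
             $xml->writeElement(WebDav::NS_DAV, 'supportedlock');
             $xml->writeElement(WebDav::NS_DAV, 'supported-report-set');
             $xml->endElement(); // D:prop
             $xml->writeElement(WebDav::NS_DAV, 'status', 'HTTP/1.1 200 OK');
             $xml->endElement(); // D:propstat
             $xml->endElement(); // D:response
         };
         $xml->startDocument();
         $xml->startElement(WebDav::NS_DAV, 'multistatus');
         $writeCollection($href, true);
         if ($depth === '1') {
             $writeCollection($href . 'dav/', false);
         }
         $xml->endElement(); // D:multistatus
         $xml->endDocument();
         $xml->flush();
     });
     return $response;
 }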