/** * This method is called to process any request and dispatches * it to on of the do* -methods of the scriptlet. It will also * call the `doCreateSession()` method if necessary. * * @param scriptlet.HttpScriptletRequest request * @param scriptlet.HttpScriptletResponse response * @throws scriptlet.ScriptletException indicating fatal errors */ public function service(HttpScriptletRequest $request, HttpScriptletResponse $response) { $host = $request->getHeader('X-Forwarded-Host', $request->getEnvValue('HTTP_HOST')); $request->setURL($this->_url(('on' == $request->getEnvValue('HTTPS') ? 'https' : 'http') . '://' . substr($host, 0, strcspn($host, ',')) . $request->getEnvValue('REQUEST_URI'))); // Check if this method can be handled. In case it can't, throw a // ScriptletException with the HTTP status code 501 ("Method not // implemented"). The request object will already have all headers // and the request method set when this method is called. if (!($method = $this->handleMethod($request))) { throw new ScriptletException('HTTP method "' . $request->method . '" not supported', HttpConstants::STATUS_METHOD_NOT_IMPLEMENTED); } // Call the request's initialization method $request->initialize(); // Create response object. Answer with the same protocol version that the // user agent sends us with the request. The only versions we should be // getting are 1.0 (some proxies or do this) or 1.1 (any current browser). // Answer with a "HTTP Version Not Supported" statuscode (#505) for any // other protocol version. $response->setURI($request->getURL()); if (2 != sscanf($proto = $request->getEnvValue('SERVER_PROTOCOL'), 'HTTP/%[1].%[01]', $major, $minor)) { throw new ScriptletException('Unsupported HTTP protocol version "' . $proto . '" - expected HTTP/1.0 or HTTP/1.1', HttpConstants::STATUS_HTTP_VERSION_NOT_SUPPORTED); } $response->version = '1.' . $minor; // Check if a session is present. This is either the case when a session // is already in the URL or if the scriptlet explicetly states it needs // one (by returning TRUE from needsSession()). if ($this->needsSession($request) || $request->getSessionId()) { $request->setSession($this->_session()); $valid = false; try { $this->handleSessionInitialization($request); $valid = $request->session->isValid(); } catch (\lang\XPException $e) { // Check if session initialization errors can be handled gracefully // (default: no). If not, throw a HttpSessionInvalidException with // the HTTP status code 503 ("Service temporarily unavailable"). if (!$this->handleSessionInitializationError($request, $response)) { throw new HttpSessionInvalidException('Session initialization failed: ' . $e->getMessage(), HttpConstants::STATUS_SERVICE_TEMPORARILY_UNAVAILABLE, $e); } // Fall through, otherwise } // Check if invalid sessions can be handled gracefully (default: no). // If not, throw a HttpSessionInvalidException with the HTTP status // code 400 ("Bad request"). if (!$valid) { if (!$this->handleInvalidSession($request, $response)) { throw new HttpSessionInvalidException('Session is invalid', HttpConstants::STATUS_BAD_REQUEST); } // Fall through, otherwise } // Call doCreateSession() in case the session is new if ($request->session->isNew()) { $method = 'doCreateSession'; } } // If this scriptlet has an authenticator, run its authenticate() // method. This method may return FALSE to indicate no further // processing is to be done (e.g., in case it redirects to a login // site). Exceptions thrown are wrapped in a ScriptletException // with status code 403 ("Forbidden"). if ($auth = $this->getAuthenticator($request)) { array_unshift($this->filters, new AuthenticationFilter($auth)); } // Call method handler and, in case the method handler returns anything // else than FALSE, the response processor. Exceptions thrown from any of // the two methods will result in a ScriptletException with the HTTP // status code 500 ("Internal Server Error") being thrown. try { $r = (new Invocation([$this, $method], $this->filters))->proceed($request, $response); if (false !== $r) { $response->process(); } } catch (ScriptletException $e) { throw $e; } catch (\lang\SystemExit $e) { throw $e; } catch (\Exception $e) { // PHP 5 throw new ScriptletException('Request processing failed [' . $method . ']: ' . $e->getMessage(), HttpConstants::STATUS_INTERNAL_SERVER_ERROR, $e); } catch (\Throwable $e) { // PHP 7 throw new ScriptletException('Request processing failed [' . $method . ']: ' . $e->getMessage(), HttpConstants::STATUS_INTERNAL_SERVER_ERROR, $e); } }
/** * Overwritten method from parent class * * @param string content Content * @throws lang.IllegalAccessException */ public function setContent($content) { if ($this->_processed) { throw new \lang\IllegalAccessException('Cannot write directly'); } parent::setContent($content); }