/**
 * Pass the request to the next queued middleware, or to the dispatcher once
 * no middleware is left.
 *
 * @param DispatchRequest $request Request travelling down the middleware chain.
 * @return mixed Result of the next middleware or, at the end of the chain, of the dispatcher.
 */
public function process(DispatchRequest $request)
{
    if (!$this->middlewares->isEmpty()) {
        // presumably extract() also removes the middleware from the queue
        // (SplHeap-style) — confirm against the queue implementation.
        $next = $this->middlewares->extract();

        return $next->process($request);
    }

    // End of the chain: tell the dispatcher whether this is the master
    // request or a nested sub-request.
    if ($request->isMaster()) {
        $type = DispatcherInterface::MASTER_REQUEST;
    } else {
        $type = DispatcherInterface::SUB_REQUEST;
    }

    return $this->dispatcher->process($request->getHttpRequest(), $type);
}
/**
 * Screen the master request with the first firewall that matches it.
 *
 * Flow, as implemented below:
 *  - sub-requests are forwarded without consulting any firewall;
 *  - the first firewall whose matchesRequest() accepts the request is used,
 *    later ones are never asked;
 *  - a request that matches no firewall is forwarded unguarded;
 *  - an AccessDeniedException raised further down the chain is turned into
 *    the firewall's authenticate() response, or into a 403 when no firewall
 *    matched or when the firewall itself denies access.
 *
 * @param DispatchRequest $request Request travelling down the middleware chain.
 * @return mixed The firewall's own response, the (possibly post-processed)
 *               downstream response, or a 403 HttpResponse.
 */
public function process(DispatchRequest $request)
{
    // NOTE(review): sub-requests bypass every firewall. That is only safe if
    // sub-requests can never be created from outside an already-screened
    // master request — confirm against the dispatcher.
    if (!$request->isMaster()) {
        return $request->proceed();
    }

    $httpRequest = $request->getHttpRequest();
    $firewall = NULL;

    foreach ($this->firewalls as $candidate) {
        if (!$candidate->matchesRequest($httpRequest)) {
            continue;
        }

        // First match wins, so the order of $this->firewalls decides which
        // policy applies when several patterns overlap.
        $firewall = $candidate;

        try {
            $response = $firewall->interceptRequest($httpRequest);
        } catch (AccessDeniedException $e) {
            return new HttpResponse(Http::CODE_FORBIDDEN);
        }

        // The firewall may answer the request itself (short-circuit).
        if ($response instanceof HttpResponse) {
            return $response;
        }

        break;
    }

    try {
        if ($firewall === NULL) {
            // No firewall is responsible for this request: forward it as-is.
            return $request->proceed();
        }

        try {
            $response = $request->proceed();
        } catch (AccessDeniedException $e) {
            // Downstream code refused access: let the firewall start its
            // authentication exchange instead of failing outright.
            return $firewall->authenticate($request->getHttpRequest());
        }

        return $firewall->interceptResponse($request->getHttpRequest(), $response);
    } catch (AccessDeniedException $e) {
        // Fail closed: denial without a firewall, or raised by authenticate()
        // or interceptResponse(), ends in a plain 403.
        return new HttpResponse(Http::CODE_FORBIDDEN);
    }
}
/**
 * Initialise the session for the master request and emit the session cookie.
 *
 * The session is initialised from the request cookie when one is present,
 * otherwise without an identifier. After the downstream response is built,
 * anti-caching headers are added if the session was started, a Set-Cookie
 * header is added if the session is new, and the session is closed.
 *
 * @param DispatchRequest $request Request travelling down the middleware chain.
 * @return mixed The downstream response, possibly with extra headers and a cookie.
 */
public function process(DispatchRequest $request)
{
    // Sub-requests and requests whose session is already set up pass through.
    if (!$request->isMaster() || $this->session->isInitialized()) {
        return $request->proceed();
    }

    $httpRequest = $request->getHttpRequest();
    $name = (string) $this->config->getString('session.name', 'sid');

    // NOTE(review): the identifier comes straight from a client-supplied
    // cookie. Whether initialize() rejects identifiers it did not issue is
    // not visible here — confirm, since accepting arbitrary identifiers
    // would allow session fixation.
    if (!$httpRequest->hasCookie($name)) {
        $this->session->initialize();
    } else {
        $this->session->initialize($httpRequest->getCookie($name));
    }

    $response = $request->proceed();

    if ($this->session->isStarted()) {
        // Responses tied to a started session must not be stored by shared
        // or browser caches.
        $sessionHeaders = [
            'Cache-Control' => 'no-cache,no-store,max-age=0,must-revalidate,proxy-revalidate',
            'Pragma' => 'no-cache',
            'P3P' => 'CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"',
        ];

        foreach ($sessionHeaders as $headerName => $headerValue) {
            $response->setHeader($headerName, $headerValue);
        }
    }

    if ($this->session->isNew()) {
        $config = $this->config->getConfig('cookie');

        // Without an explicit cookie path, scope the cookie to the
        // application's base path (always with leading and trailing slash).
        $path = $config->has('path')
            ? $config->getString('path')
            : '/' . ltrim($request->getHttpRequest()->getBaseUri()->getPath() . '/', '/');

        $cookie = new SetCookieHeader($name, $this->session->getIdentifier());
        $cookie->setDiscard($config->getBoolean('discard', true));
        // HttpOnly defaults to true, keeping the identifier out of reach of
        // page scripts unless the configuration turns it off.
        $cookie->setHttpOnly($config->getBoolean('httpOnly', true));
        $cookie->setPath($path);

        if ($config->has('domain')) {
            $cookie->setDomain($config->getString('domain'));
        }

        // NOTE(review): no Secure attribute is set in this method. Confirm
        // whether SetCookieHeader or the deployment adds it for HTTPS sites.
        $response->setCookie($cookie);
    }

    $this->session->close();

    return $response;
}
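/**
 * Serve a published static resource for request paths of the form "_res/<...>".
 *
 * "_res/app/<file>" maps to "k2://app/<file>", any other "_res/<name>/<file>"
 * maps to "k2://<name>/<file>". The resource must exist and be reported as
 * public by the publisher. Responses carry an ETag derived from mtime and
 * size, a two-hour public cache lifetime, and "nosniff".
 *
 * The resource path is taken from the request URL, so it is rejected up front
 * when it contains a NUL byte or a ".." segment. Resolution of "k2://" paths
 * and the isPublic() decision both happen outside this method, which makes
 * this check defence in depth rather than the only barrier.
 *
 * @param DispatchRequest $dispatch Request travelling down the middleware chain.
 * @return mixed The resource response (200/304), a 403/404 HttpResponse, or the
 *               downstream result when the path is not a resource path.
 */
public function process(DispatchRequest $dispatch)
{
    if (!$dispatch->isMaster()) {
        return $dispatch->proceed();
    }

    $request = $dispatch->getHttpRequest();
    $path = $request->getPathInfo();
    $m = NULL;

    if (!preg_match("'^_res/+(.+)\$'i", $path, $m)) {
        return $dispatch->proceed();
    }

    $path = $m[1];

    // Untrusted input: refuse NUL bytes and parent-directory segments (with
    // either slash style) before the value is turned into a stream URL.
    // assumes getPathInfo() returns the already-decoded path — TODO confirm.
    if (strpos($path, "\0") !== false || preg_match('#(?:^|[/\\\\])\.\.(?:[/\\\\]|$)#', $path)) {
        return new HttpResponse(Http::CODE_NOT_FOUND);
    }

    if ('app/' === substr($path, 0, 4)) {
        $resource = 'k2://app/' . substr($path, 4);
    } else {
        // The first segment selects the "k2://" location, the rest is the file.
        $parts = explode('/', $path, 2);

        if (count($parts) !== 2) {
            return new HttpResponse(Http::CODE_NOT_FOUND);
        }

        $resource = 'k2://' . $parts[0] . '/' . $parts[1];
    }

    // NOTE(review): existence is checked before publication, so a 403 tells
    // the client that a non-public file exists at that location.
    if (!is_file($resource)) {
        return new HttpResponse(Http::CODE_NOT_FOUND);
    }

    // isPublic() is the only authorisation decision made for the file.
    if (!$this->publisher->isPublic($resource)) {
        return new HttpResponse(Http::CODE_FORBIDDEN);
    }

    $response = new HttpResponse();

    // Conditional caching:
    $etag = sprintf('"%x-%x"', filemtime($resource), filesize($resource));

    // Every published resource is readable cross-origin and publicly
    // cacheable; only content meant for anyone should be marked public.
    $response->setHeader('Access-Control-Allow-Origin', '*');
    $response->setHeader('Cache-Control', 'public, max-age=7200');
    $response->setHeader('ETag', $etag);
    $response->setHeader(new ExpiresHeader(new \DateTimeImmutable('@' . (time() + 7200))));

    // Only an exact, single-value If-None-Match is honoured.
    if ($etag === $request->getHeader('If-None-Match', '')) {
        $response->setStatus(Http::CODE_NOT_MODIFIED);

        return $response;
    }

    $mediaType = new MediaType(Filesystem::guessMimeTypeFromFilename($resource));

    // The type is guessed from the file name, so forbid content sniffing.
    $response->setHeader('X-Content-Type-Options', 'nosniff');

    if ($mediaType->isType('text')) {
        $response->setHeader('Content-Type', $mediaType . '; charset="utf-8"');
    } else {
        $response->setHeader('Content-Type', (string) $mediaType);
    }

    $response->setEntity(new FileEntity(new \SplFileInfo($resource)));

    return $response;
}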
/**
 * Answer WebDAV discovery requests (OPTIONS and PROPFIND) for the empty path.
 *
 * Requests with a non-empty path info, and any other method, are forwarded.
 * OPTIONS gets a 204 advertising DAV classes "1, 2, 3". PROPFIND is answered
 * with a fixed multistatus document describing the root collection and, for
 * Depth 1, the "dav/" child collection; any other Depth is refused with the
 * DAV:propfind-finite-depth error.
 *
 * @param DispatchRequest $dispatchRequest Request travelling down the middleware chain.
 * @return mixed The WebDAV response, or the downstream result.
 */
public function process(DispatchRequest $dispatchRequest)
{
    $request = $dispatchRequest->getHttpRequest();

    if ($request->getPathInfo() !== '') {
        return $dispatchRequest->proceed();
    }

    $noCache = 'no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0';
    $xmlContentType = 'application/xml; charset="utf-8"';

    if ($request->isOptions()) {
        $response = new HttpResponse(WebDav::CODE_NO_CONTENT);
        $response->setHeader('MS-Author-Via', 'DAV');
        $response->setHeader('DAV', '1, 2, 3');
        $response->setHeader('Allow', 'OPTIONS, PROPFIND');
        $response->setHeader('Cache-Control', $noCache);

        return $response;
    }

    if ($request->getMethod() != WebDav::METHOD_PROPFIND) {
        return $dispatchRequest->proceed();
    }

    // A missing Depth header counts as "infinity" and is refused below.
    $depth = strtolower($request->getHeader('Depth', 'infinity'));

    // Loose comparison on purpose (unchanged behaviour): numeric-looking
    // values such as "01" compare equal to '1'.
    if ($depth != '0' && $depth != '1') {
        $response = new HttpResponse(WebDav::CODE_FORBIDDEN);
        $response->setHeader('Content-Type', $xmlContentType);
        $response->setHeader('Cache-Control', $noCache);
        $response->setEntity(function (StreamInterface $stream) {
            $xml = new XmlStreamWriter($stream);
            $xml->registerNamespace(WebDav::NS_DAV, 'D');

            $xml->startDocument();
            $xml->startElement(WebDav::NS_DAV, 'error');
            $xml->writeElement(WebDav::NS_DAV, 'propfind-finite-depth');
            $xml->endElement(); // D:error
            $xml->endDocument();

            $xml->flush();
        });

        return $response;
    }

    $response = new HttpResponse(WebDav::CODE_MULTI_STATUS);
    $response->setHeader('Content-Type', $xmlContentType);
    $response->setHeader('Cache-Control', $noCache);
    $response->setEntity(function (StreamInterface $stream) use($request, $depth) {
        $href = rtrim($request->getBaseUri(), '/') . '/';

        // Properties shared by both collections. The creation date is the
        // fixed timestamp 1337 and the modification date is this source
        // file's mtime; neither reflects stored content.
        $writeCollectionProps = function (XmlStreamWriter $xml) {
            $xml->writeElement(WebDav::NS_DAV, 'iscollection', 1);

            $xml->startElement(WebDav::NS_DAV, 'resourcetype');
            $xml->writeElement(WebDav::NS_DAV, 'collection');
            $xml->endElement(); // D:resourcetype

            $xml->writeElement(WebDav::NS_DAV, 'getcontenttype', 'httpd/unix-directory');
            $xml->writeElement(WebDav::NS_DAV, 'getcontentlength', 0);
            $xml->writeElement(WebDav::NS_DAV, 'creationdate', gmdate(WebDav::DATE_FORMAT_TZ, 1337));

            $xml->startElement(WebDav::NS_DAV, 'getlastmodified');
            $xml->writeAttribute(WebDav::NS_MS, 'dt', 'dateTime.rfc1123');
            $xml->writeText(gmdate(WebDav::DATE_FORMAT_RFC1123, filemtime(__FILE__)));
            $xml->endElement(); // D:getlastmodified

            $xml->writeElement(WebDav::NS_DAV, 'lockdiscovery');
            $xml->writeElement(WebDav::NS_DAV, 'supportedlock');
            $xml->writeElement(WebDav::NS_DAV, 'supported-report-set');
        };

        $xml = new XmlStreamWriter($stream);
        $xml->registerNamespace(WebDav::NS_DAV, 'D');
        $xml->registerNamespace(WebDav::NS_MS, 'ms');

        $xml->startDocument();
        $xml->startElement(WebDav::NS_DAV, 'multistatus');

        // Entry for the root collection itself.
        $xml->startElement(WebDav::NS_DAV, 'response');
        $xml->writeElement(WebDav::NS_DAV, 'href', $href);
        $xml->startElement(WebDav::NS_DAV, 'propstat');
        $xml->startElement(WebDav::NS_DAV, 'prop');
        $xml->writeElement(WebDav::NS_DAV, 'isroot', 1);
        $writeCollectionProps($xml);
        $xml->endElement(); // D:prop
        $xml->writeElement(WebDav::NS_DAV, 'status', 'HTTP/1.1 200 OK');
        $xml->endElement(); // D:propstat
        $xml->endElement(); // D:response

        if ($depth == '1') {
            // Depth 1 additionally lists the single child collection "dav/".
            $xml->startElement(WebDav::NS_DAV, 'response');
            $xml->writeElement(WebDav::NS_DAV, 'href', $href . 'dav/');
            $xml->startElement(WebDav::NS_DAV, 'propstat');
            $xml->startElement(WebDav::NS_DAV, 'prop');
            $writeCollectionProps($xml);
            $xml->endElement(); // D:prop
            $xml->writeElement(WebDav::NS_DAV, 'status', 'HTTP/1.1 200 OK');
            $xml->endElement(); // D:propstat
            $xml->endElement(); // D:response
        }

        $xml->endElement(); // D:multistatus
        $xml->endDocument();

        $xml->flush();
    });

    return $response;
}