/** @inheritdoc */ public function __construct(array $settings = []) { $this->_request = IfSet::get($settings, 'request', Request::createFromGlobals()); $this->_response = IfSet::get($settings, 'response', Response::create()); $this->_container = null; parent::__construct($settings); }
/** * @param string $host The host of the entry, or "*" for all * @param int $port The port of the entry * @param string $scheme The scheme of the entry * @param array $allowedVerbs The verbs allowed for the entry. Defaults to all verbs being allowed */ public function __construct($host = null, $port = null, $scheme = null, $allowedVerbs = null) { $this->_host = strtolower($host ?: IfSet::get($_SERVER, 'HTTP_HOST')); if (static::WIDE_OPEN != $this->_host) { $this->_port = $port ?: IfSet::get($_SERVER, 'SERVER_PORT'); $this->_scheme = $scheme ?: 'http' . (IfSet::getBool($_SERVER, 'HTTPS') ? 's' : null); // Ignore standard ports 'https' == $this->_scheme && 443 == $this->_port && ($this->_port = null); 'http' == $this->_scheme && 80 == $this->_port && ($this->_port = null); } $this->_allowedVerbs = $allowedVerbs ?: [Verbs::GET, Verbs::POST, Verbs::PUT, Verbs::DELETE, Verbs::PATCH, Verbs::MERGE, Verbs::COPY, Verbs::OPTIONS]; }
/** * @param string|array $origin The parse_url value of origin * @param array $additional Additional origin(s) to allow * @param bool $isStar Set to true if the allowed origin is "*" * * @return bool|array false if not allowed, otherwise array of verbs allowed */ protected function _checkOrigin($origin, array $additional = [], &$isStar = false) { $_checklist = array_merge($this->_whitelist, $additional); foreach ($_checklist as $_hostInfo) { // Always start with defaults $_allowedVerbs = $this->_verbs; $_whiteGuy = $_hostInfo; if (is_array($_hostInfo)) { // If is_enabled prop not there, assuming enabled. if (!Scalar::boolval(IfSet::get($_hostInfo, 'is_enabled', true))) { continue; } if (null === ($_whiteGuy = IfSet::get($_hostInfo, 'host'))) { $this->_logger->error('whitelist entry missing "host" parameter'); continue; } if (isset($_hostInfo['verbs'])) { if (!in_array(Verbs::OPTIONS, $_hostInfo['verbs'])) { // add OPTION to allowed list $_hostInfo['verbs'][] = Verbs::OPTIONS; } $_allowedVerbs = $_hostInfo['verbs']; } } // All allowed? if (static::ALLOW_ALL == $_whiteGuy) { $isStar = true; return $_allowedVerbs; } if (false === ($_whiteParts = Uri::parse($_whiteGuy))) { $this->_logger->error('unable to parse "' . $_whiteGuy . '" whitelist entry'); continue; } $this->_logger->debug('whitelist "' . $_whiteGuy . '" > parts: ' . print_r($_whiteParts, true)); // Check for un-parsed origin, 'null' sent when testing js files locally if (is_array($origin) && Uri::compare($origin, $_whiteParts)) { // This origin is on the whitelist return $_allowedVerbs; } } return false; }