/** * Look at safe requests and handle refresh requests. * * Ignore refresh to let normal lookup happen when the request comes from * a non-authorized client. * * @param CacheEvent $event */ public function handleRefresh(CacheEvent $event) { $request = $event->getRequest(); if (!$request->isMethodSafe() || !$request->isNoCache() || !$this->isRequestAllowed($request)) { return; } $event->setResponse($event->getKernel()->fetch($request)); }
/** * Extract the cache HIT/MISS information from the X-Symfony-Cache header. * * For this header to be present, the HttpCache must be created with the * debug option set to true. * * @param CacheEvent $event */ public function handleDebug(CacheEvent $event) { $response = $event->getResponse(); if ($response->headers->has('X-Symfony-Cache')) { if (false !== strpos($response->headers->get('X-Symfony-Cache'), 'miss')) { $state = 'MISS'; } elseif (false !== strpos($response->headers->get('X-Symfony-Cache'), 'fresh')) { $state = 'HIT'; } else { $state = 'UNDETERMINED'; } $response->headers->set('X-Cache', $state); } }
/** * Look at the request before it is handled by the kernel. * * Adds the user hash header to the request. * * Checks if an external request tries tampering with the use context hash mechanism * to prevent attacks. * * @param CacheEvent $event */ public function preHandle(CacheEvent $event) { $request = $event->getRequest(); if (!$this->isInternalRequest($request)) { // Prevent tampering attacks on the hash mechanism if ($request->headers->get('accept') === $this->options['user_hash_accept_header'] || $request->headers->get($this->options['user_hash_header']) !== null) { $event->setResponse(new Response('', 400)); return; } if ($request->isMethodSafe()) { $request->headers->set($this->options['user_hash_header'], $this->getUserHash($event->getKernel(), $request)); } } // let the kernel handle this request. }
/** * Remove the custom TTL header and restore s_maxage from the backup. * * @param CacheEvent $e */ public function cleanResponse(CacheEvent $e) { $response = $e->getResponse(); if (!$response->headers->has($this->ttlHeader) && !$response->headers->has(static::SMAXAGE_BACKUP)) { return; } if ($response->headers->has(static::SMAXAGE_BACKUP)) { $smaxage = $response->headers->get(static::SMAXAGE_BACKUP); if ('false' === $smaxage) { $response->headers->removeCacheControlDirective('s-maxage'); } else { $response->headers->addCacheControlDirective('s-maxage', $smaxage); } } $response->headers->remove($this->ttlHeader); $response->headers->remove(static::SMAXAGE_BACKUP); }
/** * Look at unsafe requests and handle purge requests. * * Prevents access when the request comes from a non-authorized client. * * @param CacheEvent $event */ public function handlePurge(CacheEvent $event) { $request = $event->getRequest(); if ($this->options['purge_method'] !== $request->getMethod()) { return; } if (!$this->isRequestAllowed($request)) { $event->setResponse(new Response('', 400)); return; } $response = new Response(); if ($event->getKernel()->getStore()->purge($request->getUri())) { $response->setStatusCode(200, 'Purged'); } else { $response->setStatusCode(200, 'Not found'); } $event->setResponse($response); }
public function preInvalidate(CacheEvent $event) { $this->test->assertSame($this->kernel, $event->getKernel()); $this->test->assertSame($this->request, $event->getRequest()); if ($this->preInvalidateResponse) { $event->setResponse($this->preInvalidateResponse); } ++$this->preInvalidateCalls; }