/**
 * Return the session id carried in the query string, when the frontend may use it.
 *
 * The value is returned only if three checks pass, evaluated in this order:
 * the XML_PATH_USE_FRONTEND_SID setting is truthy for the current scope type,
 * the request has a non-empty session-id query parameter, and the URL builder
 * reports the request as own-origin.
 *
 * NOTE(review): the id is taken from the query string unchanged. The test for
 * isOwnOriginUrl() shown with this code drives its result through
 * HTTP_REFERER, a header the client chooses. Assuming the URL builder uses that
 * same check, a passing result does not prove the id was issued to this
 * visitor. Confirm that the session id is regenerated on authentication
 * (session fixation) and that this setting stays off unless it is required.
 *
 * @param SessionManagerInterface $session
 * @return string|null session id from the query string, or null when any check fails
 */
public function getSid(SessionManagerInterface $session)
{
    $frontendSidAllowed = $this->scopeConfig->getValue(self::XML_PATH_USE_FRONTEND_SID, $this->_scopeType);
    if (!$frontendSidAllowed) {
        return null;
    }

    // Second argument is the default returned when the parameter is absent.
    if (!$this->request->getQuery($this->getSessionIdQueryParam($session), false)) {
        return null;
    }

    if (!$this->urlBuilder->isOwnOriginUrl()) {
        return null;
    }

    return $this->request->getQuery($this->getSessionIdQueryParam($session));
}
/**
 * Check that isOwnOriginUrl() follows the HTTP_REFERER server value.
 *
 * With the referer set to http://localhost/ the model must report own-origin;
 * with http://example.com/ it must not.
 *
 * Note: isolation flushes the URL memory cache
 *
 * NOTE(review): only one accepted and one rejected referer are exercised. A
 * request with no HTTP_REFERER at all, and referer hosts that merely resemble
 * the store host, are not covered. Those cases are worth pinning, because the
 * header is supplied by the client and other code relies on this result.
 *
 * @magentoAppIsolation enabled
 */
public function testIsOwnOriginUrl()
{
    $ownReferer = array('HTTP_REFERER' => 'http://localhost/');
    $foreignReferer = array('HTTP_REFERER' => 'http://example.com/');

    /** @var $request \Magento\TestFramework\Request */
    $request = \Magento\TestFramework\Helper\Bootstrap::getObjectManager()
        ->get('Magento\\Framework\\App\\RequestInterface');

    $request->setServer($ownReferer);
    $this->assertTrue($this->_model->isOwnOriginUrl());

    $request->setServer($foreignReferer);
    $this->assertFalse($this->_model->isOwnOriginUrl());
}
/**
 * Choose the post-login redirect for a customer who is already logged in.
 *
 * The account URL is always applied first as the fallback. If the
 * "redirect to dashboard" flag is set, the session's after-auth URL replaces
 * it when one exists. Otherwise the decoded referer request parameter replaces
 * it, provided isOwnOriginUrl() returns true.
 *
 * NOTE(review): isOwnOriginUrl() is called without arguments, so as written it
 * cannot be inspecting the decoded referer value. The accompanying test shows
 * it keyed to the HTTP_REFERER header instead. The redirect target itself is
 * passed to applyRedirect() unvalidated here. Confirm that the target's host is
 * checked against the store's own hosts before it is used, either in
 * applyRedirect() or by validating $target directly (open redirect).
 *
 * @return void
 */
protected function processLoggedCustomer()
{
    // Fallback destination; the branches below may override it.
    $this->applyRedirect($this->customerUrl->getAccountUrl());

    $dashboardForced = $this->scopeConfig->isSetFlag(
        CustomerUrl::XML_PATH_CUSTOMER_STARTUP_REDIRECT_TO_DASHBOARD,
        ScopeInterface::SCOPE_STORE
    );

    if ($dashboardForced) {
        if ($this->session->getAfterAuthUrl()) {
            $this->applyRedirect($this->session->getAfterAuthUrl(true));
        }
        return;
    }

    $encodedTarget = $this->request->getParam(CustomerUrl::REFERER_QUERY_PARAM_NAME);
    if (!$encodedTarget) {
        return;
    }

    // Decoding happens before the origin check, same as the original order.
    $target = $this->urlDecoder->decode($encodedTarget);
    if ($this->url->isOwnOriginUrl()) {
        $this->applyRedirect($target);
    }
}