/**
  * Normalizes the request data, then drops CSRF validation for selected POST requests.
  *
  * The parent implementation runs first; as documented there, it strips magic-quote
  * slashes and sets up CSRF validation when {@link enableCsrfValidation} is true.
  * Afterwards the validateCsrfToken handler is detached again when the request is a
  * POST, CSRF validation is enabled and checkCurrentRoute() returns a truthy value.
  *
  * NOTE(review): checkCurrentRoute() is not shown here. It decides which POST requests
  * are accepted without a CSRF token, so it should match routes exactly and cover only
  * endpoints that verify the caller some other way - confirm against its definition.
  */
 protected function normalizeRequest()
 {
     parent::normalizeRequest();

     // Guards run in the same order as the original condition, so
     // checkCurrentRoute() is only consulted for POST requests with CSRF enabled.
     if (!$this->getIsPostRequest()) {
         return;
     }
     if (!$this->enableCsrfValidation) {
         return;
     }
     if (!$this->checkCurrentRoute()) {
         return;
     }

     $csrfHandler = array($this, 'validateCsrfToken');
     Yii::app()->detachEventHandler('onbeginRequest', $csrfHandler);
 }
Exemplo n.º 2
 /**
  * Runs normalizeEOL() over the request superglobals before the standard normalization.
  *
  * $_POST, $_GET and $_REQUEST are each passed to normalizeEOL(), then the parent
  * implementation is called. normalizeEOL() is defined elsewhere; presumably it
  * rewrites line endings in place (by reference) - confirm against its definition.
  * $_COOKIE is not passed through it.
  *
  * @see CHttpRequest::normalizeRequest()
  */
 protected function normalizeRequest()
 {
     $this->normalizeEOL($_POST);
     $this->normalizeEOL($_GET);
     $this->normalizeEOL($_REQUEST);
     // Delegate last, so the parent runs after the three normalizeEOL() calls.
     parent::normalizeRequest();
 }
Exemplo n.º 3
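 /**
  * Normalizes the request and switches CSRF validation off for listed routes.
  *
  * The parent implementation runs first. When {@link enableCsrfValidation} is true,
  * the route returned by the URL manager is looked up in $this->noValidationRoutes;
  * on an exact match the validateCsrfToken handler is detached from onBeginRequest.
  *
  * Every entry in noValidationRoutes is an endpoint that accepts state-changing
  * requests without a CSRF token. Keep the list short and limited to endpoints that
  * verify the caller another way.
  */
 protected function normalizeRequest()
 {
     parent::normalizeRequest();
     if (!$this->enableCsrfValidation) {
         return;
     }

     $route = Yii::app()->getUrlManager()->parseUrl($this);
     // Strict lookup: with loose comparison a non-string entry in the list
     // (e.g. true, or 0 on PHP < 8) would compare equal to unrelated routes and
     // exempt them from CSRF validation.
     if (in_array($route, $this->noValidationRoutes, true)) {
         Yii::app()->detachEventHandler('onBeginRequest', array($this, 'validateCsrfToken'));
     }
 }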
Exemplo n.º 4
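 /**
  * Normalizes the request and switches CSRF validation off for route prefixes
  * listed in $this->noCsrfValidationRoutes.
  *
  * Nothing is exempted when Common::isCli() is true or when
  * {@link enableCsrfValidation} is false.
  *
  * NOTE(review): matching is a plain string prefix on the parsed route, so an entry
  * such as "pay" also exempts "payment/..." and "payroll/...". Prefer full routes, or
  * entries that end on a segment boundary, and review the list whenever routes are added.
  */
 protected function normalizeRequest()
 {
     // The parent attaches the CSRF event handler.
     parent::normalizeRequest();

     // Same evaluation order as before: CLI check first, then the CSRF switch.
     if (Common::isCli() || !$this->enableCsrfValidation) {
         return;
     }

     $url = Yii::app()->getUrlManager()->parseUrl($this);
     foreach ($this->noCsrfValidationRoutes as $route) {
         // An empty entry is a prefix of every route (strpos() returns 0 for an
         // empty needle on PHP 8), which would silently disable CSRF validation
         // for the whole application. Skip it, along with non-string entries.
         if (!is_string($route) || $route === '') {
             continue;
         }
         if (strpos($url, $route) === 0) {
             Yii::app()->detachEventHandler('onBeginRequest', array($this, 'validateCsrfToken'));
             break; // handler is detached; further entries cannot change anything
         }
     }
 }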
Exemplo n.º 5
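 /**
  * Normalizes the request and switches CSRF validation off for listed controllers.
  *
  * Only the first segment of the parsed route (the text before the first "/") is
  * compared with $this->noCsrfValidationRoutes. A route that contains no "/" is never
  * exempted, so CSRF validation stays on for it.
  *
  * NOTE(review): an entry exempts every action under that first segment, not a single
  * action. List only controllers whose actions all verify the caller another way.
  */
 protected function normalizeRequest()
 {
     // The parent attaches the CSRF event handler.
     parent::normalizeRequest();

     if (!$this->enableCsrfValidation) {
         return;
     }

     $url = Yii::app()->getUrlManager()->parseUrl($this);
     $slashPos = strpos($url, "/");
     if ($slashPos === false) {
         // No "/" in the route: keep CSRF validation, as the original did.
         return;
     }

     $firstSegment = substr($url, 0, $slashPos);
     // Strict lookup: with loose comparison a non-string entry in the list
     // (e.g. true, or 0 on PHP < 8) would compare equal to unrelated segments and
     // exempt them from CSRF validation.
     if (in_array($firstSegment, $this->noCsrfValidationRoutes, true)) {
         Yii::app()->detachEventHandler('onBeginRequest', array($this, 'validateCsrfToken'));
     }
 }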
Exemplo n.º 6
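    /**
     * Normalizes the request and, for POST requests, switches CSRF validation off
     * when the parsed route matches a pattern in $this->noCsrfValidationRoutes.
     *
     * Each list entry is used as a regular expression between "#" delimiters. The
     * first matching entry detaches validateCsrfToken and the skip is written to the
     * trace log. Requests with any other method leave CSRF validation untouched.
     *
     * NOTE(review): the patterns are not anchored, so an entry such as "api" matches
     * that text anywhere in the route. Entries should carry their own ^ and $ anchors;
     * an entry containing "#" breaks the delimiter and never matches.
     */
    protected function normalizeRequest(){
        parent::normalizeRequest();

        // REQUEST_METHOD is absent outside a web request (e.g. console runs); treat
        // that like "not POST" instead of reading an undefined index.
        if(!isset($_SERVER['REQUEST_METHOD']) || $_SERVER['REQUEST_METHOD'] !== 'POST') return;

        // Parsed before the CSRF switch is checked, exactly as in the original.
        $route = Yii::app()->getUrlManager()->parseUrl($this);
        if(!$this->enableCsrfValidation) return;

        foreach($this->noCsrfValidationRoutes as $cr){
            if(preg_match('#'.$cr.'#', $route)){
                Yii::app()->detachEventHandler('onBeginRequest',
                    array($this,'validateCsrfToken'));
                // Closing quote added so the logged route is delimited on both sides.
                Yii::trace('Route "'.$route.'" passed without CSRF validation');
                break; // found first route and break
            }
        }
    }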
Exemplo n.º 7
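 /**
  * Normalizes the request and switches CSRF validation off when the id of the
  * resolved controller starts with an entry of $this->noCsrfValidationRoutes.
  *
  * The comparison is case-insensitive. When no controller can be resolved the id is
  * treated as an empty string, which matches no (non-empty) entry.
  *
  * NOTE(review): matching is a prefix on the controller id, so "pay" also exempts a
  * controller named "payment" or "payroll", and every action of a matched controller
  * is exempted. Prefer complete controller ids in the list.
  */
 protected function normalizeRequest()
 {
     // The parent attaches the CSRF event handler.
     parent::normalizeRequest();

     if (!$this->enableCsrfValidation) {
         return;
     }

     // NOTE(review): the route is parsed from a fresh CHttpRequest and turned into a
     // controller via createController() rather than parsed from $this; the reason is
     // not visible here - confirm it is intended.
     $route1 = Yii::app()->createController(Yii::app()->getUrlManager()->parseUrl(new CHttpRequest()));
     // Lower-cased once; it does not change between iterations.
     $url = strtolower($route1 ? $route1[0]->id : "");

     foreach ($this->noCsrfValidationRoutes as $route) {
         // An empty entry is a prefix of every id (strpos() returns 0 for an empty
         // needle on PHP 8), which would silently disable CSRF validation for the
         // whole application. Skip it, along with non-string entries.
         if (!is_string($route) || $route === '') {
             continue;
         }
         if (strpos($url, strtolower($route)) === 0) {
             Yii::app()->detachEventHandler('onBeginRequest', array($this, 'validateCsrfToken'));
             break; // handler is detached; further entries cannot change anything
         }
     }
 }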
Exemplo n.º 8
 /**
  * Extends CHttpRequest::normalizeRequest to support the 'enableCsrfValidationRoutes'
  * attribute, which lists the URI prefixes on which CSRF token validation stays on.
  *
  * When {@link enableCsrfValidation} is true and $_SERVER['REQUEST_URI'] starts with
  * none of the listed prefixes, the validateCsrfToken handler is detached.
  *
  * NOTE(review): this is opt-in protection - any request whose URI is not listed is
  * accepted without a CSRF token. The comparison also uses the raw request URI, not
  * the parsed route, so a protected action is only covered if every URL form that
  * reaches it starts with a listed prefix. Matching on the parsed route and exempting
  * by exception would be the safer design.
  */
 protected function normalizeRequest()
 {
     // The parent attaches the CSRF event handler.
     parent::normalizeRequest();

     if (!$this->enableCsrfValidation) {
         return;
     }

     $requestUri = $_SERVER['REQUEST_URI'];
     foreach ($this->enableCsrfValidationRoutes as $prefix) {
         if (strpos($requestUri, $prefix) === 0) {
             // Listed prefix: leave the CSRF handler attached.
             return;
         }
     }

     // No listed prefix matched, so validation is switched off for this request.
     Yii::app()->detachEventHandler('onBeginRequest', array($this, 'validateCsrfToken'));
 }
Exemplo n.º 9
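 /**
  * Normalizes the request and disables CSRF validation for request URIs that start
  * with an entry of $this->noCsrfValidationRoutes (used for the payment controller).
  *
  * Nothing is exempted when {@link enableCsrfValidation} is false or when isCLI()
  * returns anything other than false.
  *
  * NOTE(review): matching is a string prefix on the value of getRequestUri(), so an
  * entry such as "/payment" also exempts "/paymentadmin". Entries should end on a
  * path boundary, and the exempted endpoints should verify the caller another way.
  */
 protected function normalizeRequest()
 {
     parent::normalizeRequest();

     // Same evaluation order as before: CSRF switch first, then the CLI check.
     if (!$this->enableCsrfValidation || $this->isCLI() !== false) {
         return;
     }

     $url = $this->getRequestUri();
     foreach ($this->noCsrfValidationRoutes as $route) {
         // An empty entry is a prefix of every URI (substr($url, 0, 0) is ''),
         // which would silently disable CSRF validation for the whole
         // application. Skip it, along with non-string entries.
         if (!is_string($route) || $route === '') {
             continue;
         }
         if (substr($url, 0, strlen($route)) === $route) {
             Yii::app()->detachEventHandler('onBeginRequest', array($this, 'validateCsrfToken'));
             break; // handler is detached; further entries cannot change anything
         }
     }
 }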