/**
* Checks if a resource which lies in document root is really publicly available
* This is currently only done by checking configured secure paths, not by requesting the resources
*
* @param ResourceInterface $resource
* @return bool
*/
protected function isPubliclyAvailable(ResourceInterface $resource)
{
$resourceUri = $this->getResourceUri($resource);
$securedFoldersExpression = $this->configurationManager->getValue('securedDirs');
if (substr($this->configurationManager->getValue('filetype'), 0, 1) === '\\') {
$fileExtensionExpression = $this->configurationManager->getValue('filetype');
} else {
$fileExtensionExpression = '\\.(' . $this->configurationManager->getValue('filetype') . ')';
}
// TODO: maybe check if the resource is available without authentication by doing a head request
return !(preg_match('/((' . HtmlParser::softQuoteExpression($securedFoldersExpression) . ')+?\\/.*?(?:(?i)' . $fileExtensionExpression . '))/i', $resourceUri, $matchedUrls) && is_array($matchedUrls) && $matchedUrls[0] === $resourceUri);
}
/**
* @param string $string
* @return mixed
*/
protected function softQuoteExpression($string)
{
return \Bitmotion\NawSecuredl\Parser\HtmlParser::softQuoteExpression($string);
}
