Mercurial > hg > isophonics-drupal-site

annotate core/lib/Drupal/Core/StackMiddleware/NegotiationMiddleware.php @ 13:5fb285c0d0e3

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update Drupal core to 8.4.7 via Composer. Security update; I *think* we've been lucky to get away with this so far, as we don't support self-registration which seems to be used by the so-called "drupalgeddon 2" attack that 8.4.5 was vulnerable to.
author Chris Cannam
date Mon, 23 Apr 2018 09:33:26 +0100
parents 4c8ae668cc8c
children c2387f117808
rev   line source
Chris@0 1 <?php
Chris@0 2
Chris@0 3 namespace Drupal\Core\StackMiddleware;
Chris@0 4
Chris@0 5 use Symfony\Component\HttpFoundation\Request;
Chris@0 6 use Symfony\Component\HttpKernel\HttpKernelInterface;
Chris@0 7
Chris@0 8 /**
Chris@0 9 * Provides a middleware to determine the content type upon the accept header.
Chris@0 10 *
Chris@0 11 * @todo This is a temporary solution, remove this in https://www.drupal.org/node/2364011
Chris@0 12 */
Chris@0 13 class NegotiationMiddleware implements HttpKernelInterface {
Chris@0 14
Chris@0 15 /**
Chris@0 16 * The wrapped HTTP kernel.
Chris@0 17 *
Chris@0 18 * @var \Symfony\Component\HttpKernel\HttpKernelInterface
Chris@0 19 */
Chris@0 20 protected $app;
Chris@0 21
Chris@0 22 /**
Chris@0 23 * Contains a hashmap of format as key and mimetype as value.
Chris@0 24 *
Chris@0 25 * @var array
Chris@0 26 */
Chris@0 27 protected $formats = [];
Chris@0 28
Chris@0 29 /**
Chris@0 30 * Constructs a new NegotiationMiddleware.
Chris@0 31 *
Chris@0 32 * @param \Symfony\Component\HttpKernel\HttpKernelInterface $app
Chris@0 33 * The wrapper HTTP kernel
Chris@0 34 */
Chris@0 35 public function __construct(HttpKernelInterface $app) {
Chris@0 36 $this->app = $app;
Chris@0 37 }
Chris@0 38
Chris@0 39 /**
Chris@0 40 * {@inheritdoc}
Chris@0 41 */
Chris@0 42 public function handle(Request $request, $type = self::MASTER_REQUEST, $catch = TRUE) {
Chris@0 43 // Register available mime types.
Chris@0 44 foreach ($this->formats as $format => $mime_type) {
Chris@0 45 $request->setFormat($format, $mime_type);
Chris@0 46 }
Chris@0 47
Chris@0 48 // Determine the request format using the negotiator.
Chris@0 49 $request->setRequestFormat($this->getContentType($request));
Chris@0 50 return $this->app->handle($request, $type, $catch);
Chris@0 51 }
Chris@0 52
Chris@0 53 /**
Chris@0 54 * Registers a format for a given MIME type.
Chris@0 55 *
Chris@0 56 * @param string $format
Chris@0 57 * The format.
Chris@0 58 * @param string $mime_type
Chris@0 59 * The MIME type.
Chris@0 60 *
Chris@0 61 * @return $this
Chris@0 62 */
Chris@0 63 public function registerFormat($format, $mime_type) {
Chris@0 64 $this->formats[$format] = $mime_type;
Chris@0 65 return $this;
Chris@0 66 }
Chris@0 67
Chris@0 68 /**
Chris@0 69 * Gets the normalized type of a request.
Chris@0 70 *
Chris@0 71 * The normalized type is a short, lowercase version of the format, such as
Chris@0 72 * 'html', 'json' or 'atom'.
Chris@0 73 *
Chris@0 74 * @param \Symfony\Component\HttpFoundation\Request $request
Chris@0 75 * The request object from which to extract the content type.
Chris@0 76 *
Chris@0 77 * @return string
Chris@0 78 * The normalized type of a given request.
Chris@0 79 */
Chris@0 80 protected function getContentType(Request $request) {
Chris@0 81 // AJAX iframe uploads need special handling, because they contain a JSON
Chris@0 82 // response wrapped in <textarea>.
Chris@0 83 if ($request->request->get('ajax_iframe_upload', FALSE)) {
Chris@0 84 return 'iframeupload';
Chris@0 85 }
Chris@0 86
Chris@0 87 if ($request->query->has('_format')) {
Chris@0 88 return $request->query->get('_format');
Chris@0 89 }
Chris@0 90
Chris@0 91 // Do HTML last so that it always wins.
Chris@0 92 return 'html';
Chris@0 93 }
Chris@0 94
Chris@0 95 }