CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
createFromRedirectResponse example
catch (\InvalidArgumentException $e) {
}
}
// Regardless of whether the target is the original one or the overridden // destination, ensure that all redirects are safe. if (!($response instanceof SecuredRedirectResponse)) {
try {
// SecuredRedirectResponse is an abstract class that requires a // concrete implementation. Default to LocalRedirectResponse, which // considers only redirects to within the same site as safe. $safe_response = LocalRedirectResponse::createFromRedirectResponse($response);
$safe_response->setRequestContext($this->requestContext);
}
catch (\InvalidArgumentException $e) {
// If the above failed, it's because the redirect target wasn't // local. Do not follow that redirect. Display an error message // instead. We're already catching one exception, so trigger_error() // rather than throw another one. // We don't throw an exception, because this is a client error rather than a // server error. $message = 'Redirects to external URLs are not allowed by default, use \Drupal\Core\Routing\TrustedRedirectResponse for it.';
trigger_error($message, E_USER_ERROR);
}
}
// Regardless of whether the target is the original one or the overridden // destination, ensure that all redirects are safe. if (!($response instanceof SecuredRedirectResponse)) {
try {
// SecuredRedirectResponse is an abstract class that requires a // concrete implementation. Default to LocalRedirectResponse, which // considers only redirects to within the same site as safe. $safe_response = LocalRedirectResponse::createFromRedirectResponse($response);
$safe_response->setRequestContext($this->requestContext);
}
catch (\InvalidArgumentException $e) {
// If the above failed, it's because the redirect target wasn't // local. Do not follow that redirect. Display an error message // instead. We're already catching one exception, so trigger_error() // rather than throw another one. // We don't throw an exception, because this is a client error rather than a // server error. $message = 'Redirects to external URLs are not allowed by default, use \Drupal\Core\Routing\TrustedRedirectResponse for it.';
trigger_error($message, E_USER_ERROR);
$redirect_response = new TrustedRedirectResponse('/example');
$redirect_response->setTrustedTargetUrl('http://good-external-url.com/example');
$this->assertEquals('http://good-external-url.com/example', $redirect_response->getTargetUrl());
}
/** * @covers ::createFromRedirectResponse * @dataProvider providerCreateFromRedirectResponse */
public function testCreateFromRedirectResponse($redirect_response) {
$trusted_redirect_response = TrustedRedirectResponse::createFromRedirectResponse($redirect_response);
// The trusted redirect response is always a CacheableResponseInterface instance. $this->assertInstanceOf(CacheableResponseInterface::class, $trusted_redirect_response);
// But it is only actually cacheable (non-zero max-age) if the redirect // response passed to TrustedRedirectResponse::createFromRedirectResponse() // is itself cacheable. $expected_cacheability = ($redirect_response instanceof CacheableResponseInterface) ? $redirect_response->getCacheableMetadata() : (new CacheableMetadata())->setCacheMaxAge(0);
$this->assertEquals($expected_cacheability, $trusted_redirect_response->getCacheableMetadata());
}
$redirect_response->setTrustedTargetUrl('http://good-external-url.com/example');
$this->assertEquals('http://good-external-url.com/example', $redirect_response->getTargetUrl());
}
/** * @covers ::createFromRedirectResponse * @dataProvider providerCreateFromRedirectResponse */
public function testCreateFromRedirectResponse($redirect_response) {
$trusted_redirect_response = TrustedRedirectResponse::createFromRedirectResponse($redirect_response);
// The trusted redirect response is always a CacheableResponseInterface instance. $this->assertInstanceOf(CacheableResponseInterface::class, $trusted_redirect_response);
// But it is only actually cacheable (non-zero max-age) if the redirect // response passed to TrustedRedirectResponse::createFromRedirectResponse() // is itself cacheable. $expected_cacheability = ($redirect_response instanceof CacheableResponseInterface) ? $redirect_response->getCacheableMetadata() : (new CacheableMetadata())->setCacheMaxAge(0);
$this->assertEquals($expected_cacheability, $trusted_redirect_response->getCacheableMetadata());
}
public function testRedirectCopy() {
$redirect = new RedirectResponse('/magic_redirect_url', 301, ['x-cache-foobar' => 123]);
$redirect->setProtocolVersion('2.0');
$redirect->setCharset('ibm-943_P14A-2000');
$redirect->headers->setCookie(new Cookie('name', 'value', 0, '/', NULL, FALSE, TRUE, FALSE, NULL));
// Make a cloned redirect. $secureRedirect = SecuredRedirectStub::createFromRedirectResponse($redirect);
$this->assertEquals('/magic_redirect_url', $secureRedirect->getTargetUrl());
$this->assertEquals(301, $secureRedirect->getStatusCode());
// We pull the headers from the original redirect because there are default headers applied. $headers1 = $redirect->headers->allPreserveCase();
$headers2 = $secureRedirect->headers->allPreserveCase();
// We unset cache headers so we don't test arcane Symfony weirdness. // https://github.com/symfony/symfony/issues/16171 unset($headers1['Cache-Control'], $headers2['Cache-Control']);
$this->assertEquals($headers1, $headers2);
$this->assertEquals('2.0', $secureRedirect->getProtocolVersion());
$this->assertEquals('ibm-943_P14A-2000', $secureRedirect->getCharset());