Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 1e973b2

Browse filesBrowse files
fabpotfabpot
committed
feature #10404 [Security] Match request based on HTTP methods in firewall config (danez)
This PR was submitted for the 2.4 branch but it was merged into the 2.5-dev branch instead (closes #10404). Discussion ---------- [Security] Match request based on HTTP methods in firewall config | Q | A | ------------- | --- | Bug fix? | no | New feature? | yes | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | | License | MIT | Doc PR | symfony/symfony-docs#3681 For an api I had to work on, I was in the need to have different firewalls for different HTTP Methods. I started building my own ```RequestMatcher``` until I discovered, that the regular RequestMatcher is able to handle HTTP Methods. The only thing that is missing is the possibility to configure it in the firewall section of the configuration. (For access_control it is already possible) With this PR it is possible to do things like this: ```yaml security: firewalls: api_options: pattern: ^/ methods: [OPTIONS] security: false api: pattern: ^/ some_auth: true ``` I think this integrates quite nicely. Or is there any downside you can think of? If it is good to go, I'll open a PR for the docs. Commits ------- 2878757 Make it possible to match the request based on HTTP methods in the firewall configuration
2 parents f0c0c2c + a8e9ed5 commit 1e973b2
Copy full SHA for 1e973b2

File tree

Expand file treeCollapse file tree

6 files changed

+10
-2
lines changed
Filter options
Expand file treeCollapse file tree

6 files changed

+10
-2
lines changed

‎src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php
+4Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -201,6 +201,10 @@ private function addFirewallsSection(ArrayNodeDefinition $rootNode, array $facto
201201
$firewallNodeBuilder
202202
->scalarNode('pattern')->end()
203203
->scalarNode('host')->end()
204+
->arrayNode('methods')
205+
->beforeNormalization()->ifString()->then(function ($v) { return preg_split('/\s*,\s*/', $v); })->end()
206+
->prototype('scalar')->end()
207+
->end()
204208
->booleanNode('security')->defaultTrue()->end()
205209
->scalarNode('request_matcher')->end()
206210
->scalarNode('access_denied_url')->end()

‎src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
+2-1Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -254,7 +254,8 @@ private function createFirewall(ContainerBuilder $container, $id, $firewall, &$a
254254
} elseif (isset($firewall['pattern']) || isset($firewall['host'])) {
255255
$pattern = isset($firewall['pattern']) ? $firewall['pattern'] : null;
256256
$host = isset($firewall['host']) ? $firewall['host'] : null;
257-
$matcher = $this->createRequestMatcher($container, $pattern, $host);
257+
$methods = isset($firewall['methods']) ? $firewall['methods'] : array();
258+
$matcher = $this->createRequestMatcher($container, $pattern, $host, $methods);
258259
}
259260

260261
// Security disabled?

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/CompleteConfigurationTest.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/CompleteConfigurationTest.php
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -117,6 +117,7 @@ public function testFirewallRequestMatchers()
117117
array(
118118
'/test',
119119
'foo\\.example\\.org',
120+
array('GET', 'POST'),
120121
),
121122
), $matchers);
122123
}

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/container1.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/container1.php
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -74,6 +74,7 @@
7474
'host' => array(
7575
'pattern' => '/test',
7676
'host' => 'foo\\.example\\.org',
77+
'methods' => array('GET', 'POST'),
7778
'anonymous' => true,
7879
'http_basic' => true,
7980
),

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/container1.xml

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/container1.xml
+1-1Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -57,7 +57,7 @@
5757
<logout />
5858
</firewall>
5959

60-
<firewall name="host" pattern="/test" host="foo\.example\.org">
60+
<firewall name="host" pattern="/test" host="foo\.example\.org" methods="GET,POST">
6161
<anonymous />
6262
<http-basic />
6363
</firewall>

‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/container1.yml

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/container1.yml
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -56,6 +56,7 @@ security:
5656
host:
5757
pattern: /test
5858
host: foo\.example\.org
59+
methods: [GET,POST]
5960
anonymous: true
6061
http_basic: true
6162

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.