|
1
|
<?php
|
|
2
|
|
|
3
|
/*
|
|
4
|
* This file is part of the Symfony package.
|
|
5
|
*
|
|
6
|
* (c) Fabien Potencier <fabien@symfony.com>
|
|
7
|
*
|
|
8
|
* For the full copyright and license information, please view the LICENSE
|
|
9
|
* file that was distributed with this source code.
|
|
10
|
*/
|
|
11
|
|
|
12
|
namespace Symfony\Component\HttpFoundation;
|
|
13
|
|
|
14
|
/**
|
|
15
|
* ServerBag is a container for HTTP headers from the $_SERVER variable.
|
|
16
|
*
|
|
17
|
* @author Fabien Potencier <fabien@symfony.com>
|
|
18
|
* @author Bulat Shakirzyanov <mallluhuct@gmail.com>
|
|
19
|
* @author Robert Kiss <kepten@gmail.com>
|
|
20
|
*/
|
|
21
|
class ServerBag extends ParameterBag
|
|
22
|
{
|
|
23
|
/**
|
|
24
|
* Gets the HTTP headers.
|
|
25
|
*
|
|
26
|
* @return array
|
|
27
|
*/
|
|
28
|
public function getHeaders()
|
|
29
|
{
|
|
30
|
$headers = array();
|
|
31
|
$contentHeaders = array('CONTENT_LENGTH' => true, 'CONTENT_MD5' => true, 'CONTENT_TYPE' => true);
|
|
32
|
foreach ($this->parameters as $key => $value) {
|
|
33
|
if (0 === strpos($key, 'HTTP_')) {
|
|
34
|
$headers[substr($key, 5)] = $value;
|
|
35
|
}
|
|
36
|
// CONTENT_* are not prefixed with HTTP_
|
|
37
|
elseif (isset($contentHeaders[$key])) {
|
|
38
|
$headers[$key] = $value;
|
|
39
|
}
|
|
40
|
}
|
|
41
|
|
|
42
|
if (isset($this->parameters['PHP_AUTH_USER'])) {
|
|
43
|
$headers['PHP_AUTH_USER'] = $this->parameters['PHP_AUTH_USER'];
|
|
44
|
$headers['PHP_AUTH_PW'] = isset($this->parameters['PHP_AUTH_PW']) ? $this->parameters['PHP_AUTH_PW'] : '';
|
|
45
|
} else {
|
|
46
|
/*
|
|
47
|
* php-cgi under Apache does not pass HTTP Basic user/pass to PHP by default
|
|
48
|
* For this workaround to work, add these lines to your .htaccess file:
|
|
49
|
* RewriteCond %{HTTP:Authorization} ^(.+)$
|
|
50
|
* RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
|
51
|
*
|
|
52
|
* A sample .htaccess file:
|
|
53
|
* RewriteEngine On
|
|
54
|
* RewriteCond %{HTTP:Authorization} ^(.+)$
|
|
55
|
* RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
|
56
|
* RewriteCond %{REQUEST_FILENAME} !-f
|
|
57
|
* RewriteRule ^(.*)$ app.php [QSA,L]
|
|
58
|
*/
|
|
59
|
|
|
60
|
$authorizationHeader = null;
|
|
61
|
if (isset($this->parameters['HTTP_AUTHORIZATION'])) {
|
|
62
|
$authorizationHeader = $this->parameters['HTTP_AUTHORIZATION'];
|
|
63
|
} elseif (isset($this->parameters['REDIRECT_HTTP_AUTHORIZATION'])) {
|
|
64
|
$authorizationHeader = $this->parameters['REDIRECT_HTTP_AUTHORIZATION'];
|
|
65
|
}
|
|
66
|
|
|
67
|
if (null !== $authorizationHeader) {
|
|
68
|
if (0 === stripos($authorizationHeader, 'basic ')) {
|
|
69
|
// Decode AUTHORIZATION header into PHP_AUTH_USER and PHP_AUTH_PW when authorization header is basic
|
|
70
|
$exploded = explode(':', base64_decode(substr($authorizationHeader, 6)), 2);
|
|
71
|
if (count($exploded) == 2) {
|
|
72
|
list($headers['PHP_AUTH_USER'], $headers['PHP_AUTH_PW']) = $exploded;
|
|
73
|
}
|
|
74
|
} elseif (empty($this->parameters['PHP_AUTH_DIGEST']) && (0 === stripos($authorizationHeader, 'digest '))) {
|
|
75
|
// In some circumstances PHP_AUTH_DIGEST needs to be set
|
|
76
|
$headers['PHP_AUTH_DIGEST'] = $authorizationHeader;
|
|
77
|
$this->parameters['PHP_AUTH_DIGEST'] = $authorizationHeader;
|
|
78
|
} elseif (0 === stripos($authorizationHeader, 'bearer ')) {
|
|
79
|
/*
|
|
80
|
* XXX: Since there is no PHP_AUTH_BEARER in PHP predefined variables,
|
|
81
|
* I'll just set $headers['AUTHORIZATION'] here.
|
|
82
|
* http://php.net/manual/en/reserved.variables.server.php
|
|
83
|
*/
|
|
84
|
$headers['AUTHORIZATION'] = $authorizationHeader;
|
|
85
|
}
|
|
86
|
}
|
|
87
|
}
|
|
88
|
|
|
89
|
if (isset($headers['AUTHORIZATION'])) {
|
|
90
|
return $headers;
|
|
91
|
}
|
|
92
|
|
|
93
|
// PHP_AUTH_USER/PHP_AUTH_PW
|
|
94
|
if (isset($headers['PHP_AUTH_USER'])) {
|
|
95
|
$headers['AUTHORIZATION'] = 'Basic '.base64_encode($headers['PHP_AUTH_USER'].':'.$headers['PHP_AUTH_PW']);
|
|
96
|
} elseif (isset($headers['PHP_AUTH_DIGEST'])) {
|
|
97
|
$headers['AUTHORIZATION'] = $headers['PHP_AUTH_DIGEST'];
|
|
98
|
}
|
|
99
|
|
|
100
|
return $headers;
|
|
101
|
}
|
|
102
|
}
|