MediaWiki master
MediaWiki\Rest\CorsUtils Class Reference

Inherits MediaWiki\Rest\BasicAccess\BasicAuthorizerInterface.

Collaboration diagram for MediaWiki\Rest\CorsUtils:

Public Member Functions

 __construct (ServiceOptions $options, ResponseFactory $responseFactory, UserIdentity $user)
 
 authorize (RequestInterface $request, Handler $handler)
 Only allow registered users to make unsafe cross-origin requests.
 
 createPreflightResponse (array $allowedMethods)
 Create a CORS preflight response.
 
 modifyResponse (RequestInterface $request, ResponseInterface $response)
 Modify response to allow for CORS.
 

Public Attributes

const CONSTRUCTOR_OPTIONS
 

Detailed Description

Access: internal

Definition at line 14 of file CorsUtils.php.

Constructor & Destructor Documentation

◆ __construct()

MediaWiki\Rest\CorsUtils::__construct ( ServiceOptions $options,
ResponseFactory $responseFactory,
UserIdentity $user )

Member Function Documentation

◆ authorize()

MediaWiki\Rest\CorsUtils::authorize ( RequestInterface $request,
Handler $handler )

Only allow registered users to make unsafe cross-origin requests.

Parameters
RequestInterface$request
Handler$handler
Returns
string|null If the request is denied, the string error code. If the request is allowed, null.

Implements MediaWiki\Rest\BasicAccess\BasicAuthorizerInterface.

Definition at line 48 of file CorsUtils.php.

References MediaWiki\Rest\RequestInterface\getHeader(), MediaWiki\Rest\RequestInterface\hasHeader(), and MediaWiki\Rest\Handler\needsWriteAccess().

◆ createPreflightResponse()

MediaWiki\Rest\CorsUtils::createPreflightResponse ( array $allowedMethods)

Create a CORS preflight response.

Parameters
array$allowedMethods
Returns
Response

Definition at line 156 of file CorsUtils.php.

◆ modifyResponse()

MediaWiki\Rest\CorsUtils::modifyResponse ( RequestInterface $request,
ResponseInterface $response )

Modify response to allow for CORS.

This method should be executed for every response from the REST API including errors.

Parameters
RequestInterface$request
ResponseInterface$response
Returns
ResponseInterface

Definition at line 101 of file CorsUtils.php.

Member Data Documentation

◆ CONSTRUCTOR_OPTIONS

const MediaWiki\Rest\CorsUtils::CONSTRUCTOR_OPTIONS
Initial value:
= [
]
const CrossSiteAJAXdomainExceptions
Name constant for the CrossSiteAJAXdomainExceptions setting, for use with Config::get()
const CanonicalServer
Name constant for the CanonicalServer setting, for use with Config::get()
const AllowCrossOrigin
Name constant for the AllowCrossOrigin setting, for use with Config::get()
const AllowedCorsHeaders
Name constant for the AllowedCorsHeaders setting, for use with Config::get()
const CrossSiteAJAXdomains
Name constant for the CrossSiteAJAXdomains setting, for use with Config::get()
const RestAllowCrossOriginCookieAuth
Name constant for the RestAllowCrossOriginCookieAuth setting, for use with Config::get()

Definition at line 16 of file CorsUtils.php.


The documentation for this class was generated from the following file: