MediaWiki  master
MediaWiki\Rest\CorsUtils Class Reference
Inheritance diagram for MediaWiki\Rest\CorsUtils:
Collaboration diagram for MediaWiki\Rest\CorsUtils:

Public Member Functions

 __construct (ServiceOptions $options, ResponseFactory $responseFactory, UserIdentity $user)
 
 authorize (RequestInterface $request, Handler $handler)
 Only allow registered users to make unsafe cross-origin requests. More...
 
 createPreflightResponse (array $allowedMethods)
 Create a CORS preflight response. More...
 
 modifyResponse (RequestInterface $request, ResponseInterface $response)
 Modify response to allow for CORS. More...
 

Private Member Functions

 allowOrigin (Origin $origin)
 
 getCanonicalDomain ()
 

Private Attributes

ServiceOptions $options
 
ResponseFactory $responseFactory
 
UserIdentity $user
 

Detailed Description

Definition at line 13 of file CorsUtils.php.

Constructor & Destructor Documentation

◆ __construct()

MediaWiki\Rest\CorsUtils::__construct ( ServiceOptions  $options,
ResponseFactory  $responseFactory,
UserIdentity  $user 
)

Member Function Documentation

◆ allowOrigin()

MediaWiki\Rest\CorsUtils::allowOrigin ( Origin  $origin)
private

◆ authorize()

MediaWiki\Rest\CorsUtils::authorize ( RequestInterface  $request,
Handler  $handler 
)

Only allow registered users to make unsafe cross-origin requests.

Parameters
RequestInterface$request
Handler$handler
Returns
string|null If the request is denied, the string error code. If the request is allowed, null.

Implements MediaWiki\Rest\BasicAccess\BasicAuthorizerInterface.

Definition at line 56 of file CorsUtils.php.

References MediaWiki\Rest\CorsUtils\allowOrigin(), MediaWiki\Rest\RequestInterface\getHeader(), MediaWiki\Rest\RequestInterface\hasHeader(), MediaWiki\Rest\Handler\needsWriteAccess(), and MediaWiki\Rest\HeaderParser\Origin\parseHeaderList().

◆ createPreflightResponse()

MediaWiki\Rest\CorsUtils::createPreflightResponse ( array  $allowedMethods)

Create a CORS preflight response.

Parameters
array$allowedMethods
Returns
ResponseInterface

Definition at line 161 of file CorsUtils.php.

References MediaWiki\Rest\ResponseInterface\setHeader().

◆ getCanonicalDomain()

MediaWiki\Rest\CorsUtils::getCanonicalDomain ( )
private
Returns
string

Definition at line 88 of file CorsUtils.php.

References wfParseUrl().

Referenced by MediaWiki\Rest\CorsUtils\allowOrigin().

◆ modifyResponse()

MediaWiki\Rest\CorsUtils::modifyResponse ( RequestInterface  $request,
ResponseInterface  $response 
)

Member Data Documentation

◆ $options

ServiceOptions MediaWiki\Rest\CorsUtils::$options
private
Initial value:
=[,,,,,]
public const CONSTRUCTOR_OPTIONS
'AllowCrossOrigin'
'RestAllowCrossOriginCookieAuth'
'CanonicalServer'
'CrossSiteAJAXdomains'
'CrossSiteAJAXdomainExceptions'

Definition at line 24 of file CorsUtils.php.

Referenced by MediaWiki\Rest\CorsUtils\__construct().

◆ $responseFactory

ResponseFactory MediaWiki\Rest\CorsUtils::$responseFactory
private

Definition at line 27 of file CorsUtils.php.

Referenced by MediaWiki\Rest\CorsUtils\__construct().

◆ $user

UserIdentity MediaWiki\Rest\CorsUtils::$user
private

Definition at line 30 of file CorsUtils.php.

Referenced by MediaWiki\Rest\CorsUtils\__construct().


The documentation for this class was generated from the following file: