MediaWiki  master
MediaWiki\Rest\CorsUtils Class Reference
Inheritance diagram for MediaWiki\Rest\CorsUtils:
Collaboration diagram for MediaWiki\Rest\CorsUtils:

Public Member Functions

 __construct (ServiceOptions $options, ResponseFactory $responseFactory, UserIdentity $user)
 
 authorize (RequestInterface $request, Handler $handler)
 Only allow registered users to make unsafe cross-origin requests. More...
 
 createPreflightResponse (array $allowedMethods)
 Create a CORS preflight response. More...
 
 modifyResponse (RequestInterface $request, ResponseInterface $response)
 Modify response to allow for CORS. More...
 

Private Member Functions

 allowOrigin (Origin $origin)
 
 getCanonicalDomain ()
 

Private Attributes

ServiceOptions $options
 
ResponseFactory $responseFactory
 
UserIdentity $user
 

Detailed Description

Access: internal

Definition at line 14 of file CorsUtils.php.

Constructor & Destructor Documentation

◆ __construct()

MediaWiki\Rest\CorsUtils::__construct ( ServiceOptions  $options,
ResponseFactory  $responseFactory,
UserIdentity  $user 
)

Member Function Documentation

◆ allowOrigin()

MediaWiki\Rest\CorsUtils::allowOrigin ( Origin  $origin)
private
Parameters
Origin$origin
Returns
bool

Definition at line 80 of file CorsUtils.php.

Referenced by MediaWiki\Rest\CorsUtils\authorize().

◆ authorize()

MediaWiki\Rest\CorsUtils::authorize ( RequestInterface  $request,
Handler  $handler 
)

Only allow registered users to make unsafe cross-origin requests.

Parameters
RequestInterface$request
Handler$handler
Returns
string|null If the request is denied, the string error code. If the request is allowed, null.

Implements MediaWiki\Rest\BasicAccess\BasicAuthorizerInterface.

Definition at line 58 of file CorsUtils.php.

References MediaWiki\Rest\CorsUtils\allowOrigin(), MediaWiki\Rest\RequestInterface\getHeader(), MediaWiki\Rest\RequestInterface\hasHeader(), MediaWiki\Rest\Handler\needsWriteAccess(), and MediaWiki\Rest\HeaderParser\Origin\parseHeaderList().

◆ createPreflightResponse()

MediaWiki\Rest\CorsUtils::createPreflightResponse ( array  $allowedMethods)

Create a CORS preflight response.

Parameters
array$allowedMethods
Returns
ResponseInterface

Definition at line 164 of file CorsUtils.php.

◆ getCanonicalDomain()

MediaWiki\Rest\CorsUtils::getCanonicalDomain ( )
private
Returns
string

Definition at line 91 of file CorsUtils.php.

◆ modifyResponse()

MediaWiki\Rest\CorsUtils::modifyResponse ( RequestInterface  $request,
ResponseInterface  $response 
)

Modify response to allow for CORS.

This method should be executed for every response from the REST API including errors.

Parameters
RequestInterface$request
ResponseInterface$response
Returns
ResponseInterface

Definition at line 109 of file CorsUtils.php.

Member Data Documentation

◆ $options

ServiceOptions MediaWiki\Rest\CorsUtils::$options
private
Initial value:
=[,,,,,,]
public const CONSTRUCTOR_OPTIONS
const CrossSiteAJAXdomainExceptions
Name constant for the CrossSiteAJAXdomainExceptions setting, for use with Config::get()
const CanonicalServer
Name constant for the CanonicalServer setting, for use with Config::get()
const AllowCrossOrigin
Name constant for the AllowCrossOrigin setting, for use with Config::get()
const AllowedCorsHeaders
Name constant for the AllowedCorsHeaders setting, for use with Config::get()
const CrossSiteAJAXdomains
Name constant for the CrossSiteAJAXdomains setting, for use with Config::get()
const RestAllowCrossOriginCookieAuth
Name constant for the RestAllowCrossOriginCookieAuth setting, for use with Config::get()

Definition at line 26 of file CorsUtils.php.

Referenced by MediaWiki\Rest\CorsUtils\__construct().

◆ $responseFactory

ResponseFactory MediaWiki\Rest\CorsUtils::$responseFactory
private

Definition at line 29 of file CorsUtils.php.

Referenced by MediaWiki\Rest\CorsUtils\__construct().

◆ $user

UserIdentity MediaWiki\Rest\CorsUtils::$user
private

Definition at line 32 of file CorsUtils.php.

Referenced by MediaWiki\Rest\CorsUtils\__construct().


The documentation for this class was generated from the following file: