php - Internal Forward in Silex Without a Sending a 301/302 to the Browser -

-

i'm using silex's internal forwarding map public urls internal urls i.e. my.domain.com/something serves my.domain.com/something_else using

$subrequest = request::create(     $redirect,     $method,      [], // params     $request->cookies->all(),      $request->files->all(),      $request->server->all() );  if ($request->getsession()) {     $subrequest->setsession($request->getsession()); }  return $app->handle($subrequest, httpkernelinterface::sub_request, true);

however, in chrome's inspection tool, appears 301 resulting page, serves result. "by design" represents interesting security problem? there ways around limitation?

while can't post code something_else route controller, gist is

// controller provider $controller_factory->match('/something_else/{param}', function(...) {     include 'path/to/some/file'; });

and

// some/file - prepares file downloaded ... return new binaryfileresponse();

there no redirectresponses in file

edit on simplified in above example. in reality, /something random string (i.e. /abcdefghijklmnopqrstuvwxyz maps 1 of many internal routes (-> /something_else, -> /something_else_2, -> etc).

no, don't think so. believe something_else controller doesn't sub-request , returns redirect response, something controller unconditionally returns browser.

it can anything. silex micro-framework, means things can implemented in hundreds of different ways, , hardly possible advise without seeing actual code. flip side of flexibility brings. may redirectableurlmatcher, or in controller, router, included files, error handler or middleware, results redirect response.

consider more oversimplified single-script app example:

<?php // web/index.php require_once __dir__.'/../vendor/autoload.php';  $app = new silex\application();  $app->get(     '/the-only-functional',     function() use ($app) {         return new \symfony\component\httpfoundation\response(             $app['request']->get('q')         );     } );  $app->get(     '/{whatever}',     function($whatever) use ($app) {         $subrequest = \symfony\component\httpfoundation\request::create(             '/the-only-functional',             'get',             ['q'=>$whatever]         );         $response = $app->handle($subrequest);          if (200 != $response->getstatuscode()) {             throw new \exception(                 "aha, that's problem lies"                 . $response->getstatuscode() . ":"                 . $response->getcontent()             );         }          return $response;     } )->value('whatever', 'nothing');  $app->run();

with http server running as:

php -s localhost:8081 -d "date.timezone=utc" -t web  web/index.php

you can try different permutations:

curl -v http://localhost:8081/ curl -v http://localhost:8081/blah-blah curl -v http://localhost:8081/the-only-functional?q=direct curl -v http://localhost:8081/?q=this+example+does+not+forward+query+string

and always 200 response.

unfortunately, without sharing code, on own debugging app. sensible advice analyse sub-response before returning it, , may log backtrace localise problem.


Comments

Post a Comment

Popular posts from this blog

javascript - Chart.js (Radar Chart) different scaleLineColor for each scaleLine -

-
Image
i try , create radar chart using chart.js has various colours each scaleline, or coloured between scalelines. wondering if possible? from: to: i have working graph, though there doesn't seem method change individual scale lines. kind regards leigh you can extend radar chart type this, so chart.types.radar.extend({ name: "radaralt", initialize: function (data) { chart.types.radar.prototype.initialize.apply(this, arguments); var originalscaledraw = this.scale.draw; var ctx = this.chart.ctx; this.scale.draw = function () { var linewidth = this.linewidth; // bypasses line drawing in originalscaledraw this.linewidth = linewidth; originalscaledraw.apply(this, arguments); ctx.linewidth = this.linewidth; var scale = this; // draw chart.helpers.each(scale.ylabels, function (label, index) { // color of ...
Read more

apache - Error with PHP mail(): Multiple or malformed newlines found in additional_header -

-
suddenly have started receiving above error without changes having been made script. host 1and1 (i know...) the script still works fine on different server, , suspicion there must have been server config change has lead this, although hosts plead ignorance. there's no information on above error @ in google can find - have ideas? server running apache if helps. had similar problem. came out of blue. no php code changed. what changed: php upgraded 5.5.25-1 5.5.26. a security risk in php mail() function has been fixed , newlines in additional_headers allowed no more. because newlines mean: starts email message (and surely don't want inject newlines through headers followed evil message). what have worked fine, e.g. having newlines after headers or passing whole message additional_headers , function no more. solution : sanitize headers. no multiple newlines in additional_headers argument. these count "multiple or malformed newlines":...
Read more

java - Android – MapFragment overlay button shadow, just like MyLocation button -

-
Image
i'm struggling add shadow custom overlay button on google map. goal make custom button google's mylocation button. here's how app looks now: layout.xml <relativelayout xmlns:android="http://schemas.android.com/apk/res/android" xmlns:tools="http://schemas.android.com/tools" xmlns:map="http://schemas.android.com/apk/res-auto" android:layout_height="match_parent" android:layout_width="match_parent" style="@style/apptheme"> <fragment android:layout_width="match_parent" android:layout_height="match_parent" android:id="@+id/map" tools:context=".mapsactivity" android:name="com.google.android.gms.maps.supportmapfragment" android:layout_alignparentend="true" android:layout_alignparentstart="true" android:layout_alignparentbottom="true" ...
Read more