No Description

ServerBag.php 3.6KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192
  1. <?php
  2. /*
  3. * This file is part of the Symfony package.
  4. *
  5. * (c) Fabien Potencier <fabien@symfony.com>
  6. *
  7. * For the full copyright and license information, please view the LICENSE
  8. * file that was distributed with this source code.
  9. */
  10. namespace Symfony\Component\HttpFoundation;
  11. /**
  12. * ServerBag is a container for HTTP headers from the $_SERVER variable.
  13. *
  14. * @author Fabien Potencier <fabien@symfony.com>
  15. * @author Bulat Shakirzyanov <mallluhuct@gmail.com>
  16. * @author Robert Kiss <kepten@gmail.com>
  17. */
  18. class ServerBag extends ParameterBag
  19. {
  20. /**
  21. * Gets the HTTP headers.
  22. *
  23. * @return array
  24. */
  25. public function getHeaders()
  26. {
  27. $headers = array();
  28. $contentHeaders = array('CONTENT_LENGTH' => true, 'CONTENT_MD5' => true, 'CONTENT_TYPE' => true);
  29. foreach ($this->parameters as $key => $value) {
  30. if (0 === strpos($key, 'HTTP_')) {
  31. $headers[substr($key, 5)] = $value;
  32. }
  33. // CONTENT_* are not prefixed with HTTP_
  34. elseif (isset($contentHeaders[$key])) {
  35. $headers[$key] = $value;
  36. }
  37. }
  38. if (isset($this->parameters['PHP_AUTH_USER'])) {
  39. $headers['PHP_AUTH_USER'] = $this->parameters['PHP_AUTH_USER'];
  40. $headers['PHP_AUTH_PW'] = isset($this->parameters['PHP_AUTH_PW']) ? $this->parameters['PHP_AUTH_PW'] : '';
  41. } else {
  42. /*
  43. * php-cgi under Apache does not pass HTTP Basic user/pass to PHP by default
  44. * For this workaround to work, add these lines to your .htaccess file:
  45. * RewriteCond %{HTTP:Authorization} ^(.+)$
  46. * RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  47. *
  48. * A sample .htaccess file:
  49. * RewriteEngine On
  50. * RewriteCond %{HTTP:Authorization} ^(.+)$
  51. * RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  52. * RewriteCond %{REQUEST_FILENAME} !-f
  53. * RewriteRule ^(.*)$ app.php [QSA,L]
  54. */
  55. $authorizationHeader = null;
  56. if (isset($this->parameters['HTTP_AUTHORIZATION'])) {
  57. $authorizationHeader = $this->parameters['HTTP_AUTHORIZATION'];
  58. } elseif (isset($this->parameters['REDIRECT_HTTP_AUTHORIZATION'])) {
  59. $authorizationHeader = $this->parameters['REDIRECT_HTTP_AUTHORIZATION'];
  60. }
  61. if (null !== $authorizationHeader) {
  62. if (0 === stripos($authorizationHeader, 'basic ')) {
  63. // Decode AUTHORIZATION header into PHP_AUTH_USER and PHP_AUTH_PW when authorization header is basic
  64. $exploded = explode(':', base64_decode(substr($authorizationHeader, 6)), 2);
  65. if (count($exploded) == 2) {
  66. list($headers['PHP_AUTH_USER'], $headers['PHP_AUTH_PW']) = $exploded;
  67. }
  68. } elseif (empty($this->parameters['PHP_AUTH_DIGEST']) && (0 === stripos($authorizationHeader, 'digest '))) {
  69. // In some circumstances PHP_AUTH_DIGEST needs to be set
  70. $headers['PHP_AUTH_DIGEST'] = $authorizationHeader;
  71. $this->parameters['PHP_AUTH_DIGEST'] = $authorizationHeader;
  72. }
  73. }
  74. }
  75. // PHP_AUTH_USER/PHP_AUTH_PW
  76. if (isset($headers['PHP_AUTH_USER'])) {
  77. $headers['AUTHORIZATION'] = 'Basic '.base64_encode($headers['PHP_AUTH_USER'].':'.$headers['PHP_AUTH_PW']);
  78. } elseif (isset($headers['PHP_AUTH_DIGEST'])) {
  79. $headers['AUTHORIZATION'] = $headers['PHP_AUTH_DIGEST'];
  80. }
  81. return $headers;
  82. }
  83. }