Added ContentProvider to resolve news models to URLs #5
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
38 tasks
aschempp
force-pushed
the
feature/news-routing
branch
from
7020870
to
df5de85
Compare
aschempp
force-pushed
the
feature/news-routing
branch
from
df5de85
to
ec5ad42
Compare
leofeyer
pushed a commit
to contao/contao
that referenced
this pull request
Jul 21, 2020
Description ----------- This PR implements several long-discussed improvements we want to have in the Contao routing. ### Features: - [x] Configure URL-prefix (`.html`) per root page instead of the app config - [x] Configure the _prepend locale_ setting per root page instead of the app config - [x] Implement support for custom language prefix (closes #862) - [x] Only redirect to the language version of a page if it exists (see #1456) - [x] Generate routes for entities (e.g. pass `PageModel` to `$router->generate()` (see #831) - [x] Allow for custom page types as controllers (see #1160, #390) - [x] Allow a page type to have a static URL suffix (e.g. `.xml` instead of `.html` for the XML sitemap). #### Side Features - [ ] ~Do not generate frontend URLs for pages with parameters~ - [ ] ~add alternative to the `Input` class that also tracks unused parameters~ (not sure about this, as the Input is no longer used with routing parameters) - [x] _really_ only create template article for new pages that can have them - [x] do not create article if the new page's layout does not have articles ### Tasks - [ ] write documentation about _legacy routing mode_. - [ ] include support for extended languages (see https://github.com/contao/core-bundle/issues/1579) - [x] the url prefix should be unique for pages with the same dns setting. #1516 (comment) ### Follow-Up PRs - [x] Use router to generate SERP widget URL aschempp#3 - [ ] Replace current page types aschempp#4 - [ ] Support news aschempp#5 - [ ] Support calendar events aschempp#6 - [ ] Support other content (faq, etc.) ### Notes about backwards compatibility As discussed at the developer meeting in February 2020, we cannot keep full BC between the new features and the existing routing. The `contao.prepend_locale` and `contao.url_suffix` container configuration as well as the `getPageIdFromUrl` or `getRootPageFromUrl` hooks are conflicting with the new features. We agreed that Contao should fall into a _legacy routing_ mode, where the new features are not available in the root page in that case. **BC Todos:** - [x] Disable root page configuration in legacy routing mode - [x] ~Find a way to keep supporting `contao.routing.url_generator` service~ _only in legacy mode_ ### Related PRs / Dependencies: - [x] #1447 - [x] #1448 - [x] #1458 - [x] #1501 - [x] #1503 - [x] #1506 - [x] #1518 - [x] #1533 - [x] #1182 - [x] ~~#1639 - [x] #1640 - [x] #1650 - [x] #1652 - [x] #1864 - [x] #1869 - [x] #1896 Commits ------- 21a9efe Use page language instead of _locale parameter for $_GET['language'] c2ba2d1 Add languagePrefix and urlSuffix fields to tl_page d3abce3 Deprecate the bundle config but override the page config if set 78dfc42 Fix alias rendering in PageTree b8616b0 Rewrite the language filter to use the page properties ec3969d Add legacy routing check to ContaoFramework class 4f26e73 Added separate class to generate URL candidates 29bd111 Add languagePrefix and urlSuffix to PageModel with BC layer 510da35 Update RouteProvider to use candidates based on root page 02eca55 Add redirect routes if page is requested without languagePrefix 62f3656 Update routing functional tests c1f2f93 Added migration for tl_page fields 39d987b Set config values from current request 5b03a6c Correctly generate root and fallback routes with languagePrefix db9768f Check for ID/alias duplicate with new page parameters 83fc289 Use pageModel from request or trigger exception in deprecated methods without legacy mode 01b9c97 Update Route404Provider to use languagePrefix from PageModel 0d3f58b Fixed service arguments for LegacyRoutingListener bc02925 Added duplicates validation for alias, languagePrefix and urlSuffix 95c7042 Correctly migrate the legacy routing configuration 192fff1 CS and test fixes aa09e96 Switch page type and alias field position 11638ac Add route name and object to the attributes 139b19c Add custom route object for PageModel 223182e Content resolvers convert content to a route object 168c218 Let the page model tell if useAutoItem is enabled 8158ad2 Use service tagging to add router enhancers bda2a16 CS 44a5a43 Let the router generate page URLs b7bd00b Use the DynamicRouter from CMF Routing Bundle a8dcc22 Rename the ContentResolverInterface to ContentUrlResolverInterface 692742d Introducing page providers 190a38b Make PageRoute more flexible 5375860 Always render regular page for unknown types 4a27948 Added autoconfiguration for contao.page_provider 1b3bf76 Added RootPageProvider which provides the default url suffixes 0e559fc Generate page type options from providers c03f503 Added ContentCompositionListener to correctly show or hide article features 8b27f64 Added BC layer for UrlGenerator and other legacy routing 2c0115f Enable legacy routing by container configuration and throw exception if hooks require it a9f09bc Add legacy routing information to the data collector 156ef52 Trigger deprecation warnings if the Symfony routing is not used 928de08 Always show list of legacy routing hooks in profiler 079370f Rename languagePrefix to urlPrefix a015340 Include the previous exception on re-throw ca7ea33 Fix spelling in method name f384d55 Use ::class in exception message 1fc7bfd ContentUrlResolvers must always return a route f9cfbe8 Decorate the Candidates to implement legacy behavior dea83be Add an additional router for the legacy routes in legacy mode 41ab6c6 Adjust routing to string route name see symfony-cmf/Routing#250 1d7968c Fix remaining objects passed to Router::generate() 10b1b3e Add some deprecation notices and annotations 815e1c0 Fixed argument order in exception message 8fdbdf9 Use anonymous services for legacy routing ba67633 Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/Framework/ContaoFramework.php # core-bundle/src/Resources/config/services.yml # core-bundle/src/Resources/contao/dca/tl_article.php # core-bundle/src/Resources/contao/dca/tl_page.php # core-bundle/src/Resources/contao/library/Contao/Template.php # core-bundle/src/Resources/contao/themes/flexible/main.min.css # core-bundle/tests/Routing/Enhancer/InputEnhancerTest.php # core-bundle/tests/Routing/Route404ProviderTest.php 50ba4cd Fix incorrect service name fc680b7 Fix unit tests for ContaoCoreExtension 534ccdd Fix some tests e0118c4 The contao.routing.url_generator is only available in legacy mode f6f1d19 Fix remaining unit tests 87c121a CS f7ae7a9 Trigger route error only when used 6ba5f7a Added 100% test coverage for ContentCompositionListener 74f8c7c Added missing unit tests 22394dd Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/Resources/contao/dca/tl_page.php # core-bundle/tests/DependencyInjection/ContaoCoreExtensionTest.php # core-bundle/tests/Functional/RoutingTest.php 325b114 Fixed ContaoCoreExtensionTest 5627ec3 CS 888ec70 Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/tests/Asset/ContaoContextTest.php 701cd59 CS 0be7232 Always insert the new article into an available layout column cbd42ac Expect deprecations afc706a CS 577f1fa CS c719b1c CS e51d432 Move classes to new namespace 5b30edd Refactor with PageRouteFactory edd253e Added PageRegistry de480f2 CS and tests 629300e Added concept of path parameters bb76ae6 Fixed service name 793b3d5 Providing URL suffixes without custom routes does not make sense 4692bcc PageModel is not optional 502276a Make the RouteFactory more generic f11ab17 Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/Framework/ContaoFramework.php 4dd724a Tests 6288646 Fixed failing test if there are no url suffixes ae90ba6 Logger is optional d696ed9 Logger is optional 0262068 phpstan 613c39e phpstan 2afd655 phpstan & tests 37c4dda phpstan & tests c337e1b phpstan & tests 5b78fa6 Merge remote-tracking branch 'upstream/master' into feature/routing 8342fa0 psalm & tests edb1e52 yamllint 194f942 Do not use warning color if legacy routing is disabled 5a1b41a Reuse class name variable c422a02 Register interfaces for autoconfiguration c93b1e6 Drop unnecessary tags with autoconfigure 4328f77 Correctly purge search index b5d4be1 Use PathUtil to check if hook is in vendor dir ece1376 Throw correct exception if route is not supported c60854c Merge remote-tracking branch 'upstream/master' into feature/routing f4ca10f Use the security voter to check article permissions 61bccf7 Tests 04f50f1 Tests c4b004b Rename page controllers a806b39 Use subscribed services 289cc0b URL must include prefix and suffix when generating candidates 2e507a4 CS a63f337 Rewrite candidates d023ee3 Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/Resources/contao/library/Contao/Controller.php e46b79a Fixed return type 82fbcc4 Code review 491c83b Code review 681dafd Check if the URL prefix is duplicated in another root page 2fa6eee Merge remote-tracking branch 'upstream/master' into feature/routing bfab096 Fix the coding style c1cca71 Merge branch 'master' into feature/routing f3cbd68 Fix the unit tests 63188d6 Fix the phpDoc types 92ea072 Adjust the deprecation messages 35e4d71 Fix a non-optimal if condition 7ba51e7 Fix some minor issues fba7c23 Adjust the "this setting has been disabled" warning a1d0532 Review from @dmolineus a972f8d Review from @leofeyer 164291b Fixed Route404Provider tests 0dea19a Use permission constants 5c72385 Remove invalid model methods 444c736 Use callback instead of listener method for help icon 6ef2654 Fix the coding style d9a259a Fix a wrong trans-unit ID 351c32f Replace "@var Adapter" with something the IDE and PhpStan understand ab6cb7e Correctly generate the index route b01b059 Correctly match a request with url prefix if there is no index page c089b6d Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/ContaoCoreBundle.php # core-bundle/src/Resources/contao/dca/tl_page.php # core-bundle/src/Resources/contao/models/PageModel.php # core-bundle/src/Routing/RouteProvider.php # core-bundle/tests/ContaoCoreBundleTest.php c338e4a CS 7763b81 Fix the CI chain 5db0afe Drop the parameters field a4aba62 Allow to define content composition in the service tag/annotation 31d34ec Get URL prefix and suffix from the page registry ea8f57b Rename the PageRouteEnhancerInterface 2e373e4 Update RootController, no longer needs additional interfaces b895744 Allow relative or absolute path for page controllers 3295ed8 CS 524c5e6 Fix tests 5850c24 CS 961ffcd Use $this->createResult() instead of new MigrationResult() 1f70bdb Implemented feedback from @Toflar ded7d5c Correctly validate the URL suffix 64b388e Correctly support absolute URLs with empty prefix f7fda16 CS
leofeyer
pushed a commit
to contao/manager-bundle
that referenced
this pull request
Jul 21, 2020
Description ----------- This PR implements several long-discussed improvements we want to have in the Contao routing. ### Features: - [x] Configure URL-prefix (`.html`) per root page instead of the app config - [x] Configure the _prepend locale_ setting per root page instead of the app config - [x] Implement support for custom language prefix (closes contao/contao#862) - [x] Only redirect to the language version of a page if it exists (see contao/contao#1456) - [x] Generate routes for entities (e.g. pass `PageModel` to `$router->generate()` (see contao/contao#831) - [x] Allow for custom page types as controllers (see contao/contao#1160, contao/contao#390) - [x] Allow a page type to have a static URL suffix (e.g. `.xml` instead of `.html` for the XML sitemap). #### Side Features - [ ] ~Do not generate frontend URLs for pages with parameters~ - [ ] ~add alternative to the `Input` class that also tracks unused parameters~ (not sure about this, as the Input is no longer used with routing parameters) - [x] _really_ only create template article for new pages that can have them - [x] do not create article if the new page's layout does not have articles ### Tasks - [ ] write documentation about _legacy routing mode_. - [ ] include support for extended languages (see https://github.com/contao/core-bundle/issues/1579) - [x] the url prefix should be unique for pages with the same dns setting. contao/contao#1516 (comment) ### Follow-Up PRs - [x] Use router to generate SERP widget URL aschempp/contao#3 - [ ] Replace current page types aschempp/contao#4 - [ ] Support news aschempp/contao#5 - [ ] Support calendar events aschempp/contao#6 - [ ] Support other content (faq, etc.) ### Notes about backwards compatibility As discussed at the developer meeting in February 2020, we cannot keep full BC between the new features and the existing routing. The `contao.prepend_locale` and `contao.url_suffix` container configuration as well as the `getPageIdFromUrl` or `getRootPageFromUrl` hooks are conflicting with the new features. We agreed that Contao should fall into a _legacy routing_ mode, where the new features are not available in the root page in that case. **BC Todos:** - [x] Disable root page configuration in legacy routing mode - [x] ~Find a way to keep supporting `contao.routing.url_generator` service~ _only in legacy mode_ ### Related PRs / Dependencies: - [x] contao/contao#1447 - [x] contao/contao#1448 - [x] contao/contao#1458 - [x] contao/contao#1501 - [x] contao/contao#1503 - [x] contao/contao#1506 - [x] #1518 - [x] #1533 - [x] #1182 - [x] ~~contao/contao#1639 - [x] contao/contao#1640 - [x] contao/contao#1650 - [x] contao/contao#1652 - [x] contao/contao#1864 - [x] contao/contao#1869 - [x] contao/contao#1896 Commits ------- 21a9efee Use page language instead of _locale parameter for $_GET['language'] c2ba2d18 Add languagePrefix and urlSuffix fields to tl_page d3abce32 Deprecate the bundle config but override the page config if set 78dfc423 Fix alias rendering in PageTree b8616b07 Rewrite the language filter to use the page properties ec3969d4 Add legacy routing check to ContaoFramework class 4f26e730 Added separate class to generate URL candidates 29bd1112 Add languagePrefix and urlSuffix to PageModel with BC layer 510da353 Update RouteProvider to use candidates based on root page 02eca555 Add redirect routes if page is requested without languagePrefix 62f36562 Update routing functional tests c1f2f93b Added migration for tl_page fields 39d987b6 Set config values from current request 5b03a6cf Correctly generate root and fallback routes with languagePrefix db9768f4 Check for ID/alias duplicate with new page parameters 83fc2890 Use pageModel from request or trigger exception in deprecated methods without legacy mode 01b9c97b Update Route404Provider to use languagePrefix from PageModel 0d3f58bf Fixed service arguments for LegacyRoutingListener bc029251 Added duplicates validation for alias, languagePrefix and urlSuffix 95c7042a Correctly migrate the legacy routing configuration 192fff16 CS and test fixes aa09e969 Switch page type and alias field position 11638acb Add route name and object to the attributes 139b19c3 Add custom route object for PageModel 223182e2 Content resolvers convert content to a route object 168c2182 Let the page model tell if useAutoItem is enabled 8158ad24 Use service tagging to add router enhancers bda2a160 CS 44a5a433 Let the router generate page URLs b7bd00bc Use the DynamicRouter from CMF Routing Bundle a8dcc223 Rename the ContentResolverInterface to ContentUrlResolverInterface 692742d8 Introducing page providers 190a38b1 Make PageRoute more flexible 53758600 Always render regular page for unknown types 4a27948d Added autoconfiguration for contao.page_provider 1b3bf760 Added RootPageProvider which provides the default url suffixes 0e559fc9 Generate page type options from providers c03f5037 Added ContentCompositionListener to correctly show or hide article features 8b27f64d Added BC layer for UrlGenerator and other legacy routing 2c0115f0 Enable legacy routing by container configuration and throw exception if hooks require it a9f09bca Add legacy routing information to the data collector 156ef523 Trigger deprecation warnings if the Symfony routing is not used 928de089 Always show list of legacy routing hooks in profiler 079370f9 Rename languagePrefix to urlPrefix a0153401 Include the previous exception on re-throw ca7ea33d Fix spelling in method name f384d55c Use ::class in exception message 1fc7bfd6 ContentUrlResolvers must always return a route f9cfbe88 Decorate the Candidates to implement legacy behavior dea83bef Add an additional router for the legacy routes in legacy mode 41ab6c65 Adjust routing to string route name see symfony-cmf/Routing#250 1d7968c1 Fix remaining objects passed to Router::generate() 10b1b3e3 Add some deprecation notices and annotations 815e1c07 Fixed argument order in exception message 8fdbdf95 Use anonymous services for legacy routing ba676339 Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/Framework/ContaoFramework.php # core-bundle/src/Resources/config/services.yml # core-bundle/src/Resources/contao/dca/tl_article.php # core-bundle/src/Resources/contao/dca/tl_page.php # core-bundle/src/Resources/contao/library/Contao/Template.php # core-bundle/src/Resources/contao/themes/flexible/main.min.css # core-bundle/tests/Routing/Enhancer/InputEnhancerTest.php # core-bundle/tests/Routing/Route404ProviderTest.php 50ba4cd8 Fix incorrect service name fc680b74 Fix unit tests for ContaoCoreExtension 534ccdd9 Fix some tests e0118c44 The contao.routing.url_generator is only available in legacy mode f6f1d198 Fix remaining unit tests 87c121ac CS f7ae7a9e Trigger route error only when used 6ba5f7a1 Added 100% test coverage for ContentCompositionListener 74f8c7c5 Added missing unit tests 22394dda Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/Resources/contao/dca/tl_page.php # core-bundle/tests/DependencyInjection/ContaoCoreExtensionTest.php # core-bundle/tests/Functional/RoutingTest.php 325b1147 Fixed ContaoCoreExtensionTest 5627ec33 CS 888ec702 Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/tests/Asset/ContaoContextTest.php 701cd593 CS 0be72326 Always insert the new article into an available layout column cbd42acc Expect deprecations afc706a1 CS 577f1fa3 CS c719b1c5 CS e51d4324 Move classes to new namespace 5b30edde Refactor with PageRouteFactory edd253ef Added PageRegistry de480f2f CS and tests 629300e4 Added concept of path parameters bb76ae64 Fixed service name 793b3d56 Providing URL suffixes without custom routes does not make sense 4692bccd PageModel is not optional 502276ad Make the RouteFactory more generic f11ab176 Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/Framework/ContaoFramework.php 4dd724af Tests 62886460 Fixed failing test if there are no url suffixes ae90ba66 Logger is optional d696ed9d Logger is optional 0262068f phpstan 613c39ee phpstan 2afd655c phpstan & tests 37c4dda4 phpstan & tests c337e1b0 phpstan & tests 5b78fa64 Merge remote-tracking branch 'upstream/master' into feature/routing 8342fa0b psalm & tests edb1e52b yamllint 194f942a Do not use warning color if legacy routing is disabled 5a1b41a1 Reuse class name variable c422a021 Register interfaces for autoconfiguration c93b1e6d Drop unnecessary tags with autoconfigure 4328f77a Correctly purge search index b5d4be1e Use PathUtil to check if hook is in vendor dir ece1376c Throw correct exception if route is not supported c60854cb Merge remote-tracking branch 'upstream/master' into feature/routing f4ca10f7 Use the security voter to check article permissions 61bccf79 Tests 04f50f1e Tests c4b004bb Rename page controllers a806b39c Use subscribed services 289cc0ba URL must include prefix and suffix when generating candidates 2e507a45 CS a63f3373 Rewrite candidates d023ee3e Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/Resources/contao/library/Contao/Controller.php e46b79ad Fixed return type 82fbcc41 Code review 491c83b9 Code review 681dafdc Check if the URL prefix is duplicated in another root page 2fa6eee0 Merge remote-tracking branch 'upstream/master' into feature/routing bfab096b Fix the coding style c1cca71f Merge branch 'master' into feature/routing f3cbd681 Fix the unit tests 63188d64 Fix the phpDoc types 92ea0725 Adjust the deprecation messages 35e4d71e Fix a non-optimal if condition 7ba51e75 Fix some minor issues fba7c23a Adjust the "this setting has been disabled" warning a1d05327 Review from @dmolineus a972f8d8 Review from @leofeyer 164291bb Fixed Route404Provider tests 0dea19a8 Use permission constants 5c723859 Remove invalid model methods 444c7364 Use callback instead of listener method for help icon 6ef2654c Fix the coding style d9a259ae Fix a wrong trans-unit ID 351c32fa Replace "@var Adapter" with something the IDE and PhpStan understand ab6cb7eb Correctly generate the index route b01b0598 Correctly match a request with url prefix if there is no index page c089b6dd Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/ContaoCoreBundle.php # core-bundle/src/Resources/contao/dca/tl_page.php # core-bundle/src/Resources/contao/models/PageModel.php # core-bundle/src/Routing/RouteProvider.php # core-bundle/tests/ContaoCoreBundleTest.php c338e4a0 CS 7763b81d Fix the CI chain 5db0afe7 Drop the parameters field a4aba627 Allow to define content composition in the service tag/annotation 31d34ec2 Get URL prefix and suffix from the page registry ea8f57bd Rename the PageRouteEnhancerInterface 2e373e43 Update RootController, no longer needs additional interfaces b8957447 Allow relative or absolute path for page controllers 3295ed80 CS 524c5e62 Fix tests 5850c246 CS 961ffcd4 Use $this->createResult() instead of new MigrationResult() 1f70bdbe Implemented feedback from @Toflar ded7d5c2 Correctly validate the URL suffix 64b388e0 Correctly support absolute URLs with empty prefix f7fda160 CS
leofeyer
pushed a commit
to contao/core-bundle
that referenced
this pull request
Jul 21, 2020
Description ----------- This PR implements several long-discussed improvements we want to have in the Contao routing. ### Features: - [x] Configure URL-prefix (`.html`) per root page instead of the app config - [x] Configure the _prepend locale_ setting per root page instead of the app config - [x] Implement support for custom language prefix (closes contao/contao#862) - [x] Only redirect to the language version of a page if it exists (see contao/contao#1456) - [x] Generate routes for entities (e.g. pass `PageModel` to `$router->generate()` (see contao/contao#831) - [x] Allow for custom page types as controllers (see contao/contao#1160, contao/contao#390) - [x] Allow a page type to have a static URL suffix (e.g. `.xml` instead of `.html` for the XML sitemap). #### Side Features - [ ] ~Do not generate frontend URLs for pages with parameters~ - [ ] ~add alternative to the `Input` class that also tracks unused parameters~ (not sure about this, as the Input is no longer used with routing parameters) - [x] _really_ only create template article for new pages that can have them - [x] do not create article if the new page's layout does not have articles ### Tasks - [ ] write documentation about _legacy routing mode_. - [ ] include support for extended languages (see https://github.com/contao/core-bundle/issues/1579) - [x] the url prefix should be unique for pages with the same dns setting. contao/contao#1516 (comment) ### Follow-Up PRs - [x] Use router to generate SERP widget URL aschempp/contao#3 - [ ] Replace current page types aschempp/contao#4 - [ ] Support news aschempp/contao#5 - [ ] Support calendar events aschempp/contao#6 - [ ] Support other content (faq, etc.) ### Notes about backwards compatibility As discussed at the developer meeting in February 2020, we cannot keep full BC between the new features and the existing routing. The `contao.prepend_locale` and `contao.url_suffix` container configuration as well as the `getPageIdFromUrl` or `getRootPageFromUrl` hooks are conflicting with the new features. We agreed that Contao should fall into a _legacy routing_ mode, where the new features are not available in the root page in that case. **BC Todos:** - [x] Disable root page configuration in legacy routing mode - [x] ~Find a way to keep supporting `contao.routing.url_generator` service~ _only in legacy mode_ ### Related PRs / Dependencies: - [x] contao/contao#1447 - [x] contao/contao#1448 - [x] contao/contao#1458 - [x] contao/contao#1501 - [x] contao/contao#1503 - [x] contao/contao#1506 - [x] #1518 - [x] #1533 - [x] #1182 - [x] ~~contao/contao#1639 - [x] contao/contao#1640 - [x] contao/contao#1650 - [x] contao/contao#1652 - [x] contao/contao#1864 - [x] contao/contao#1869 - [x] contao/contao#1896 Commits ------- 21a9efee Use page language instead of _locale parameter for $_GET['language'] c2ba2d18 Add languagePrefix and urlSuffix fields to tl_page d3abce32 Deprecate the bundle config but override the page config if set 78dfc423 Fix alias rendering in PageTree b8616b07 Rewrite the language filter to use the page properties ec3969d4 Add legacy routing check to ContaoFramework class 4f26e730 Added separate class to generate URL candidates 29bd1112 Add languagePrefix and urlSuffix to PageModel with BC layer 510da353 Update RouteProvider to use candidates based on root page 02eca555 Add redirect routes if page is requested without languagePrefix 62f36562 Update routing functional tests c1f2f93b Added migration for tl_page fields 39d987b6 Set config values from current request 5b03a6cf Correctly generate root and fallback routes with languagePrefix db9768f4 Check for ID/alias duplicate with new page parameters 83fc2890 Use pageModel from request or trigger exception in deprecated methods without legacy mode 01b9c97b Update Route404Provider to use languagePrefix from PageModel 0d3f58bf Fixed service arguments for LegacyRoutingListener bc029251 Added duplicates validation for alias, languagePrefix and urlSuffix 95c7042a Correctly migrate the legacy routing configuration 192fff16 CS and test fixes aa09e969 Switch page type and alias field position 11638acb Add route name and object to the attributes 139b19c3 Add custom route object for PageModel 223182e2 Content resolvers convert content to a route object 168c2182 Let the page model tell if useAutoItem is enabled 8158ad24 Use service tagging to add router enhancers bda2a160 CS 44a5a433 Let the router generate page URLs b7bd00bc Use the DynamicRouter from CMF Routing Bundle a8dcc223 Rename the ContentResolverInterface to ContentUrlResolverInterface 692742d8 Introducing page providers 190a38b1 Make PageRoute more flexible 53758600 Always render regular page for unknown types 4a27948d Added autoconfiguration for contao.page_provider 1b3bf760 Added RootPageProvider which provides the default url suffixes 0e559fc9 Generate page type options from providers c03f5037 Added ContentCompositionListener to correctly show or hide article features 8b27f64d Added BC layer for UrlGenerator and other legacy routing 2c0115f0 Enable legacy routing by container configuration and throw exception if hooks require it a9f09bca Add legacy routing information to the data collector 156ef523 Trigger deprecation warnings if the Symfony routing is not used 928de089 Always show list of legacy routing hooks in profiler 079370f9 Rename languagePrefix to urlPrefix a0153401 Include the previous exception on re-throw ca7ea33d Fix spelling in method name f384d55c Use ::class in exception message 1fc7bfd6 ContentUrlResolvers must always return a route f9cfbe88 Decorate the Candidates to implement legacy behavior dea83bef Add an additional router for the legacy routes in legacy mode 41ab6c65 Adjust routing to string route name see symfony-cmf/Routing#250 1d7968c1 Fix remaining objects passed to Router::generate() 10b1b3e3 Add some deprecation notices and annotations 815e1c07 Fixed argument order in exception message 8fdbdf95 Use anonymous services for legacy routing ba676339 Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/Framework/ContaoFramework.php # core-bundle/src/Resources/config/services.yml # core-bundle/src/Resources/contao/dca/tl_article.php # core-bundle/src/Resources/contao/dca/tl_page.php # core-bundle/src/Resources/contao/library/Contao/Template.php # core-bundle/src/Resources/contao/themes/flexible/main.min.css # core-bundle/tests/Routing/Enhancer/InputEnhancerTest.php # core-bundle/tests/Routing/Route404ProviderTest.php 50ba4cd8 Fix incorrect service name fc680b74 Fix unit tests for ContaoCoreExtension 534ccdd9 Fix some tests e0118c44 The contao.routing.url_generator is only available in legacy mode f6f1d198 Fix remaining unit tests 87c121ac CS f7ae7a9e Trigger route error only when used 6ba5f7a1 Added 100% test coverage for ContentCompositionListener 74f8c7c5 Added missing unit tests 22394dda Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/Resources/contao/dca/tl_page.php # core-bundle/tests/DependencyInjection/ContaoCoreExtensionTest.php # core-bundle/tests/Functional/RoutingTest.php 325b1147 Fixed ContaoCoreExtensionTest 5627ec33 CS 888ec702 Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/tests/Asset/ContaoContextTest.php 701cd593 CS 0be72326 Always insert the new article into an available layout column cbd42acc Expect deprecations afc706a1 CS 577f1fa3 CS c719b1c5 CS e51d4324 Move classes to new namespace 5b30edde Refactor with PageRouteFactory edd253ef Added PageRegistry de480f2f CS and tests 629300e4 Added concept of path parameters bb76ae64 Fixed service name 793b3d56 Providing URL suffixes without custom routes does not make sense 4692bccd PageModel is not optional 502276ad Make the RouteFactory more generic f11ab176 Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/Framework/ContaoFramework.php 4dd724af Tests 62886460 Fixed failing test if there are no url suffixes ae90ba66 Logger is optional d696ed9d Logger is optional 0262068f phpstan 613c39ee phpstan 2afd655c phpstan & tests 37c4dda4 phpstan & tests c337e1b0 phpstan & tests 5b78fa64 Merge remote-tracking branch 'upstream/master' into feature/routing 8342fa0b psalm & tests edb1e52b yamllint 194f942a Do not use warning color if legacy routing is disabled 5a1b41a1 Reuse class name variable c422a021 Register interfaces for autoconfiguration c93b1e6d Drop unnecessary tags with autoconfigure 4328f77a Correctly purge search index b5d4be1e Use PathUtil to check if hook is in vendor dir ece1376c Throw correct exception if route is not supported c60854cb Merge remote-tracking branch 'upstream/master' into feature/routing f4ca10f7 Use the security voter to check article permissions 61bccf79 Tests 04f50f1e Tests c4b004bb Rename page controllers a806b39c Use subscribed services 289cc0ba URL must include prefix and suffix when generating candidates 2e507a45 CS a63f3373 Rewrite candidates d023ee3e Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/Resources/contao/library/Contao/Controller.php e46b79ad Fixed return type 82fbcc41 Code review 491c83b9 Code review 681dafdc Check if the URL prefix is duplicated in another root page 2fa6eee0 Merge remote-tracking branch 'upstream/master' into feature/routing bfab096b Fix the coding style c1cca71f Merge branch 'master' into feature/routing f3cbd681 Fix the unit tests 63188d64 Fix the phpDoc types 92ea0725 Adjust the deprecation messages 35e4d71e Fix a non-optimal if condition 7ba51e75 Fix some minor issues fba7c23a Adjust the "this setting has been disabled" warning a1d05327 Review from @dmolineus a972f8d8 Review from @leofeyer 164291bb Fixed Route404Provider tests 0dea19a8 Use permission constants 5c723859 Remove invalid model methods 444c7364 Use callback instead of listener method for help icon 6ef2654c Fix the coding style d9a259ae Fix a wrong trans-unit ID 351c32fa Replace "@var Adapter" with something the IDE and PhpStan understand ab6cb7eb Correctly generate the index route b01b0598 Correctly match a request with url prefix if there is no index page c089b6dd Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/ContaoCoreBundle.php # core-bundle/src/Resources/contao/dca/tl_page.php # core-bundle/src/Resources/contao/models/PageModel.php # core-bundle/src/Routing/RouteProvider.php # core-bundle/tests/ContaoCoreBundleTest.php c338e4a0 CS 7763b81d Fix the CI chain 5db0afe7 Drop the parameters field a4aba627 Allow to define content composition in the service tag/annotation 31d34ec2 Get URL prefix and suffix from the page registry ea8f57bd Rename the PageRouteEnhancerInterface 2e373e43 Update RootController, no longer needs additional interfaces b8957447 Allow relative or absolute path for page controllers 3295ed80 CS 524c5e62 Fix tests 5850c246 CS 961ffcd4 Use $this->createResult() instead of new MigrationResult() 1f70bdbe Implemented feedback from @Toflar ded7d5c2 Correctly validate the URL suffix 64b388e0 Correctly support absolute URLs with empty prefix f7fda160 CS
aschempp
pushed a commit
that referenced
this pull request
Aug 4, 2020
Description ----------- With @Toflar we have discovered by accident that if a URL is double-encoded (for some reason, doesn't matter) the Contao's `RouteProvider` will eventually throw an error trying to query a database. ``` URL original: drachenlochmuseum-v%25c3%25a4ttis.html URL decoded: drachenlochmuseum-v%c3%a4ttis.html URL decoded 2nd time: drachenlochmuseum-vättis.html ``` The decoded URL is used in the database query and that fails because the database driver would like to replace wildcards `%c` with parameters that were not provided. Stack trace: ``` Exception: Too few arguments to build the query string contao#27 vendor/contao/core-bundle/src/Resources/contao/library/Contao/Database/Statement.php(304): replaceWildcards contao#26 vendor/contao/core-bundle/src/Resources/contao/library/Contao/Database/Statement.php(249): execute contao#25 vendor/contao/core-bundle/src/Resources/contao/library/Contao/Model.php(1102): find contao#24 vendor/contao/core-bundle/src/Resources/contao/library/Contao/Model.php(973): findBy contao#23 vendor/contao/core-bundle/src/Framework/Adapter.php(38): __call contao#22 vendor/contao/core-bundle/src/Routing/RouteProvider.php(493): findPages contao#21 vendor/contao/core-bundle/src/Routing/RouteProvider.php(88): getRouteCollectionForRequest contao#20 vendor/contao/core-bundle/src/Routing/LegacyRouteProvider.php(43): getRouteCollectionForRequest contao#19 vendor/symfony-cmf/routing/src/NestedMatcher/NestedMatcher.php(141): matchRequest contao#18 vendor/contao/core-bundle/src/Routing/Matcher/LegacyMatcher.php(69): matchRequest contao#17 vendor/symfony-cmf/routing/src/DynamicRouter.php(271): matchRequest contao#16 vendor/symfony-cmf/routing/src/ChainRouter.php(188): doMatch contao#15 vendor/symfony-cmf/routing/src/ChainRouter.php(158): matchRequest contao#14 vendor/symfony/http-kernel/EventListener/RouterListener.php(115): onKernelRequest contao#13 vendor/symfony/event-dispatcher/EventDispatcher.php(212): doDispatch contao#12 vendor/symfony/event-dispatcher/EventDispatcher.php(44): dispatch #11 vendor/symfony/http-kernel/HttpKernel.php(126): handleRaw #10 vendor/symfony/http-kernel/HttpKernel.php(67): handle #9 vendor/symfony/http-kernel/Kernel.php(198): handle #8 vendor/symfony/http-kernel/HttpCache/SubRequestHandler.php(85): handle #7 vendor/symfony/http-kernel/HttpCache/HttpCache.php(448): forward #6 vendor/symfony/framework-bundle/HttpCache/HttpCache.php(57): forward #5 vendor/symfony/http-kernel/HttpCache/HttpCache.php(420): fetch #4 vendor/contao/manager-bundle/src/HttpKernel/ContaoCache.php(46): fetch #3 vendor/symfony/http-kernel/HttpCache/HttpCache.php(317): lookup #2 vendor/symfony/http-kernel/HttpCache/HttpCache.php(192): handle #1 vendor/friendsofsymfony/http-cache/src/SymfonyCache/EventDispatchingHttpCache.php(98): handle #0 web/app.php(58): null ``` Commits ------- 8ae2582 Fix a potential error if the URL has percentage in it 8caaf25 Fix unit tests 509f762 Correctly encode the page aliases
AlexejKossmann
pushed a commit
to AlexejKossmann/contao
that referenced
this pull request
Apr 6, 2021
Description ----------- This PR implements several long-discussed improvements we want to have in the Contao routing. ### Features: - [x] Configure URL-prefix (`.html`) per root page instead of the app config - [x] Configure the _prepend locale_ setting per root page instead of the app config - [x] Implement support for custom language prefix (closes contao#862) - [x] Only redirect to the language version of a page if it exists (see contao#1456) - [x] Generate routes for entities (e.g. pass `PageModel` to `$router->generate()` (see contao#831) - [x] Allow for custom page types as controllers (see contao#1160, contao#390) - [x] Allow a page type to have a static URL suffix (e.g. `.xml` instead of `.html` for the XML sitemap). #### Side Features - [ ] ~Do not generate frontend URLs for pages with parameters~ - [ ] ~add alternative to the `Input` class that also tracks unused parameters~ (not sure about this, as the Input is no longer used with routing parameters) - [x] _really_ only create template article for new pages that can have them - [x] do not create article if the new page's layout does not have articles ### Tasks - [ ] write documentation about _legacy routing mode_. - [ ] include support for extended languages (see https://github.com/contao/core-bundle/issues/1579) - [x] the url prefix should be unique for pages with the same dns setting. contao#1516 (comment) ### Follow-Up PRs - [x] Use router to generate SERP widget URL aschempp#3 - [ ] Replace current page types aschempp#4 - [ ] Support news aschempp#5 - [ ] Support calendar events aschempp#6 - [ ] Support other content (faq, etc.) ### Notes about backwards compatibility As discussed at the developer meeting in February 2020, we cannot keep full BC between the new features and the existing routing. The `contao.prepend_locale` and `contao.url_suffix` container configuration as well as the `getPageIdFromUrl` or `getRootPageFromUrl` hooks are conflicting with the new features. We agreed that Contao should fall into a _legacy routing_ mode, where the new features are not available in the root page in that case. **BC Todos:** - [x] Disable root page configuration in legacy routing mode - [x] ~Find a way to keep supporting `contao.routing.url_generator` service~ _only in legacy mode_ ### Related PRs / Dependencies: - [x] contao#1447 - [x] contao#1448 - [x] contao#1458 - [x] contao#1501 - [x] contao#1503 - [x] contao#1506 - [x] contao#1518 - [x] contao#1533 - [x] contao#1182 - [x] ~~contao#1639 - [x] contao#1640 - [x] contao#1650 - [x] contao#1652 - [x] contao#1864 - [x] contao#1869 - [x] contao#1896 Commits ------- 21a9efe Use page language instead of _locale parameter for $_GET['language'] c2ba2d1 Add languagePrefix and urlSuffix fields to tl_page d3abce3 Deprecate the bundle config but override the page config if set 78dfc42 Fix alias rendering in PageTree b8616b0 Rewrite the language filter to use the page properties ec3969d Add legacy routing check to ContaoFramework class 4f26e73 Added separate class to generate URL candidates 29bd111 Add languagePrefix and urlSuffix to PageModel with BC layer 510da35 Update RouteProvider to use candidates based on root page 02eca55 Add redirect routes if page is requested without languagePrefix 62f3656 Update routing functional tests c1f2f93 Added migration for tl_page fields 39d987b Set config values from current request 5b03a6c Correctly generate root and fallback routes with languagePrefix db9768f Check for ID/alias duplicate with new page parameters 83fc289 Use pageModel from request or trigger exception in deprecated methods without legacy mode 01b9c97 Update Route404Provider to use languagePrefix from PageModel 0d3f58b Fixed service arguments for LegacyRoutingListener bc02925 Added duplicates validation for alias, languagePrefix and urlSuffix 95c7042 Correctly migrate the legacy routing configuration 192fff1 CS and test fixes aa09e96 Switch page type and alias field position 11638ac Add route name and object to the attributes 139b19c Add custom route object for PageModel 223182e Content resolvers convert content to a route object 168c218 Let the page model tell if useAutoItem is enabled 8158ad2 Use service tagging to add router enhancers bda2a16 CS 44a5a43 Let the router generate page URLs b7bd00b Use the DynamicRouter from CMF Routing Bundle a8dcc22 Rename the ContentResolverInterface to ContentUrlResolverInterface 692742d Introducing page providers 190a38b Make PageRoute more flexible 5375860 Always render regular page for unknown types 4a27948 Added autoconfiguration for contao.page_provider 1b3bf76 Added RootPageProvider which provides the default url suffixes 0e559fc Generate page type options from providers c03f503 Added ContentCompositionListener to correctly show or hide article features 8b27f64 Added BC layer for UrlGenerator and other legacy routing 2c0115f Enable legacy routing by container configuration and throw exception if hooks require it a9f09bc Add legacy routing information to the data collector 156ef52 Trigger deprecation warnings if the Symfony routing is not used 928de08 Always show list of legacy routing hooks in profiler 079370f Rename languagePrefix to urlPrefix a015340 Include the previous exception on re-throw ca7ea33 Fix spelling in method name f384d55 Use ::class in exception message 1fc7bfd ContentUrlResolvers must always return a route f9cfbe8 Decorate the Candidates to implement legacy behavior dea83be Add an additional router for the legacy routes in legacy mode 41ab6c6 Adjust routing to string route name see symfony-cmf/Routing#250 1d7968c Fix remaining objects passed to Router::generate() 10b1b3e Add some deprecation notices and annotations 815e1c0 Fixed argument order in exception message 8fdbdf9 Use anonymous services for legacy routing ba67633 Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/Framework/ContaoFramework.php # core-bundle/src/Resources/config/services.yml # core-bundle/src/Resources/contao/dca/tl_article.php # core-bundle/src/Resources/contao/dca/tl_page.php # core-bundle/src/Resources/contao/library/Contao/Template.php # core-bundle/src/Resources/contao/themes/flexible/main.min.css # core-bundle/tests/Routing/Enhancer/InputEnhancerTest.php # core-bundle/tests/Routing/Route404ProviderTest.php 50ba4cd Fix incorrect service name fc680b7 Fix unit tests for ContaoCoreExtension 534ccdd Fix some tests e0118c4 The contao.routing.url_generator is only available in legacy mode f6f1d19 Fix remaining unit tests 87c121a CS f7ae7a9 Trigger route error only when used 6ba5f7a Added 100% test coverage for ContentCompositionListener 74f8c7c Added missing unit tests 22394dd Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/Resources/contao/dca/tl_page.php # core-bundle/tests/DependencyInjection/ContaoCoreExtensionTest.php # core-bundle/tests/Functional/RoutingTest.php 325b114 Fixed ContaoCoreExtensionTest 5627ec3 CS 888ec70 Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/tests/Asset/ContaoContextTest.php 701cd59 CS 0be7232 Always insert the new article into an available layout column cbd42ac Expect deprecations afc706a CS 577f1fa CS c719b1c CS e51d432 Move classes to new namespace 5b30edd Refactor with PageRouteFactory edd253e Added PageRegistry de480f2 CS and tests 629300e Added concept of path parameters bb76ae6 Fixed service name 793b3d5 Providing URL suffixes without custom routes does not make sense 4692bcc PageModel is not optional 502276a Make the RouteFactory more generic f11ab17 Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/Framework/ContaoFramework.php 4dd724a Tests 6288646 Fixed failing test if there are no url suffixes ae90ba6 Logger is optional d696ed9 Logger is optional 0262068 phpstan 613c39e phpstan 2afd655 phpstan & tests 37c4dda phpstan & tests c337e1b phpstan & tests 5b78fa6 Merge remote-tracking branch 'upstream/master' into feature/routing 8342fa0 psalm & tests edb1e52 yamllint 194f942 Do not use warning color if legacy routing is disabled 5a1b41a Reuse class name variable c422a02 Register interfaces for autoconfiguration c93b1e6 Drop unnecessary tags with autoconfigure 4328f77 Correctly purge search index b5d4be1 Use PathUtil to check if hook is in vendor dir ece1376 Throw correct exception if route is not supported c60854c Merge remote-tracking branch 'upstream/master' into feature/routing f4ca10f Use the security voter to check article permissions 61bccf7 Tests 04f50f1 Tests c4b004b Rename page controllers a806b39 Use subscribed services 289cc0b URL must include prefix and suffix when generating candidates 2e507a4 CS a63f337 Rewrite candidates d023ee3 Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/Resources/contao/library/Contao/Controller.php e46b79a Fixed return type 82fbcc4 Code review 491c83b Code review 681dafd Check if the URL prefix is duplicated in another root page 2fa6eee Merge remote-tracking branch 'upstream/master' into feature/routing bfab096 Fix the coding style c1cca71 Merge branch 'master' into feature/routing f3cbd68 Fix the unit tests 63188d6 Fix the phpDoc types 92ea072 Adjust the deprecation messages 35e4d71 Fix a non-optimal if condition 7ba51e7 Fix some minor issues fba7c23 Adjust the "this setting has been disabled" warning a1d0532 Review from @dmolineus a972f8d Review from @leofeyer 164291b Fixed Route404Provider tests 0dea19a Use permission constants 5c72385 Remove invalid model methods 444c736 Use callback instead of listener method for help icon 6ef2654 Fix the coding style d9a259a Fix a wrong trans-unit ID 351c32f Replace "@var Adapter" with something the IDE and PhpStan understand ab6cb7e Correctly generate the index route b01b059 Correctly match a request with url prefix if there is no index page c089b6d Merge remote-tracking branch 'upstream/master' into feature/routing # Conflicts: # core-bundle/src/ContaoCoreBundle.php # core-bundle/src/Resources/contao/dca/tl_page.php # core-bundle/src/Resources/contao/models/PageModel.php # core-bundle/src/Routing/RouteProvider.php # core-bundle/tests/ContaoCoreBundleTest.php c338e4a CS 7763b81 Fix the CI chain 5db0afe Drop the parameters field a4aba62 Allow to define content composition in the service tag/annotation 31d34ec Get URL prefix and suffix from the page registry ea8f57b Rename the PageRouteEnhancerInterface 2e373e4 Update RootController, no longer needs additional interfaces b895744 Allow relative or absolute path for page controllers 3295ed8 CS 524c5e6 Fix tests 5850c24 CS 961ffcd Use $this->createResult() instead of new MigrationResult() 1f70bdb Implemented feedback from @Toflar ded7d5c Correctly validate the URL suffix 64b388e Correctly support absolute URLs with empty prefix f7fda16 CS
aschempp
pushed a commit
that referenced
this pull request
Jun 21, 2021
Description ----------- Alternative approach for response context as discussed in Core team call. I guess there's no point in explaining it all here - I'll just document the final iteration once everything is done in the Contao dev docs ^^ Commits ------- 205dafc Reworked response context concept 786b50c Merge branch '4.x' into feature/response-context-rework 4d1cf18 CS d2151bb Fixed tests aae1091 Implemented removing existing services and added support for interfaces 0a83cbe Added psalm docs 5f27ffc Make HtmlHeadBag final 5e75e38 CS 950e9bb Also consider parent classes as aliases fbe8206 Going back to a regular array and removed the remove() method 41b1c60 Added support for lazy services 8a35bc9 Fixed tests 0d7f8d9 CS Co-authored-by: Leo Feyer <github@contao.org> 5b9706c Added failing test to show class issue d37a223 Merge pull request #4 from aschempp/feature/response-context-rework Added failing test to show class issue f0a1f35 Removed irrelevant assertion 1d29c95 Fixed tests 6399cc7 Cleanup 1255632 Fixed phpstan 6a1eebc CS e90daf4 Added failing test to show alias being overridden a5c9589 Merge pull request #5 from aschempp/feature/response-context-rework Added failing test to show alias being overridden 1cb74c7 Fixed tests 84af804 Removed leftover 62cb0af CS
leofeyer
pushed a commit
that referenced
this pull request
Mar 22, 2022
Description ----------- Unfortunately, #4 got merged without the changes we discussed, but here they are … Commits ------- 03516da2 Fix FunctionalTestCase 6022d29e Fix method name 85e014d5 Boot kernel when resetting database
aschempp
pushed a commit
that referenced
this pull request
Jun 30, 2022
Description ----------- - Commits ------- 18f27e2 Get rid of the base tag 50c2f91 Also adjust the AssetListener e70e6e2 Update the UPGRADE.md file 1db8ad0 Remove the File::getFullPath() method again a6c2d2a Add the base tag in the front end again 7de8805 Automatically add and remove `{{env::path}}` to relative links in Tin… 6a5804c Use Environment::get('path') in the legacy code 6b5f635 Add the BasePathPrefixer service 0e1562c Use the asset() function in the code.html.twig template be5de2c Apply suggestions from code review 8f051c7 Fix the tests 8023081 Use requestUri instead of request a8bab4d Fix the Controller::addToUrl() method 11a79b5 Fix a leftover cfebc2a Prevent the "creation of dynamic property" warning fbf057a Use "env::base_path" instead of "env::path" ae3483a Use "requestUri" instead of "indexFreeRequest" c287ec7 Add the base_path_prefixer to the "file" insert tag 757f9bf Do not prefix the URL in redirect exceptions a5e1ee4 Remove two redundant test methods 29bcd8c Fix some base URL bugs (see #5) dde9686 Use app.request.basePath instead of the asset() function 8ff5f08 Fix the tests 66a6b6e Use the assets.context instead of a custom service 38a4610 Use the asset() method in the code.html.twig template 9b72d6b Fix the tests beefd78 Also prefix the image URL and the redirect URL ee7e745 Add the Validator::isRelativeUrl() method f76053c Use "contao.assets.files_context" for file URLs 154fb12 Fix the URL in the file insert tag a94dc2f Remove the deprecation and add the "title" field again 3832d24 Revert the ce_player.html5 changes Co-authored-by: Martin Auswöger <martin@auswoeger.com>
aschempp
pushed a commit
that referenced
this pull request
Feb 21, 2023
Description ----------- Closes contao#5712 Commits ------- 7a58d3d allow the teaser to be null (and therefore "not in the model", see #5… a33800b CS Co-authored-by: Leo Feyer <1192057+leofeyer@users.noreply.github.com>
aschempp
pushed a commit
that referenced
this pull request
Jan 17, 2024
Description ----------- This introduces the ability to define Content Security Policies for the front end. There will be new settings for each website root: <img src="https://github.com/contao/contao/assets/4970961/abf4bad8-f025-4cb0-be82-c3088c68c1fc" width="898"> Within the _Content Security Policy_ field you can define your policies - with the exakt same syntax as the `Content-Security-Policy` header. For example `default-src 'self'` will tell the browser to only accept resources from the same domain and not allow any inline styles or scripts at all (at least not without nonces). Once a policy for `default-src`, `script-src` or `style-src` is set [1], Contao will automatically generate nonces for the respective `<script>` and `<style>` elements, at least in supported templates. If you have any custom templates with these tags, then you will need to adjust your template to include the nonce, which is pretty simple: ```twig <script nonce="{{ contao_csp_nonce('script-src') }}"> ``` ```php <script nonce="<?= $this->nonce('script-src') ?>"> ``` In this PR the `nonce` attribute is added conditionally everywhere, i.e. the attribute will not be set, if no nonce was necessary and thus no nonce was generated. So there will not be empty `nonce` attributes in the HTML code (though it would be fine). ## Allowing Specific Sources Dynamically Some content elements like the video, YouTube and Vimeo players dynamically allow their respective sources. This can be done directly from within the templates: ```twig {% do add_csp_source('frame-src', iframe_attrs.src) %} ``` ```php <?php $this->addCspSource('frame-src', $this->src); ?> ``` So even if you set the policies `frame-src 'self'; media-src 'none'` these content elements will still work as they dynamically allow their specific sources. ## Reporting In the CSP spec you also have the possibility to set a reporting URL. If the browser detects a CSP violation it will then automatically `POST` a report to that URL. Reporting needs to be specifically enabled in the website root. These reports will then also show up in the system log: <img src="https://github.com/contao/contao/assets/4970961/3ce826f7-48e3-4586-b28a-bdbabda9a765" width="879"> The system log entry will tell you which policy was violated and on which line. The detailed information will contain the original URL of the violation. This is of course a public API endpoint where anyone or anything can send any data. As such this needs to be handled with care. This PR uses the `ContentSecurityPolicyController` of `nelmio/security-bundle` which has the ability to filter out "noise". But instead of using that controller directly this PR implements its own controller and injects the service of Nelmio's controller. Our route always requires a valid page ID and always checks whether the current page's root has reporting enabled. If not, it will respond with 404 - otherwise it will forward the request to the `ContentSecurityPolicyController` of `nelmio/security-bundle`. ## Twig Components This PR introduces two new Twig components: `_style` and `_script`. When using them you do not have to think about having to check for nonces as the component does this automatically for you. However, I find that using these components makes the templates less readable - as there will also be no syntax highlighting by your editor anymore, since it won't know that the content of the component block is within a `<script>` or `<style>` tag. ## Thoughts, Decisions, Caveats Initially I thought may be Contao should set some sensible defaults automatically and also automatically allow the `staticFiles` and `staticPlugins` domains. However, this approach can be difficult and flawed. Contao cannot know in advance what kind of sources are hosted on its current and any of the static domains, thus we cannot set any `-src` policies (we would have to set all of them). It needs to be solely up to the administrator to set appropriate policies. One exception could be iframe sources, which could be automatically added (see above). However, allowing specific sources dynamically also has a caveat. Let's take the YouTube content element for example: on the page where such a content element is added, the Content-Security-Policy will automatically be the following [2]: ``` frame-src https://www.youtube.com/embed/abc123 ``` However, this will also mean that _no other iframes_ will be allowed on the same page, whereas without this content element they would be. We could change the helper functions to not add the directive if no existing (or `default-src` directive) is already present. Unfortunately the `CSPBuilder` has no such API at the moment. Further comments about the code will be down below in threads. PR is still a draft due to missing tests. ## Footnotes * [1]: ~If you _only_ set a `default-src` policy no nonces will be generated currently unfortunately due to an oversight in `paragonie/csp-builder` (see paragonie/csp-builder#65 not relevant after overhaul * [2]: ~Actually it will be only `child-src` without legacy browser support enabled (see paragonie/csp-builder#76 not relevant after overhaul Commits ------- 6a34219 add CSP 967f1ae fix line endings 6b36350 merge with 5.x 014c8e6 cs fix a008dce Merge remote-tracking branch 'origin/5.x' into csp 07de412 update dependencies 2473309 introduce script component 4ce5d5d mvp b211d7f add style component 0ec6738 remove unnecessary scopes 9b7dbc4 move templates to new location 9bdbf32 Merge remote-tracking branch 'origin/5.x' into csp 420bf35 add accidental removal 0fa2265 improve the implementation 613368c remove parameter definition 7c86310 remove getNonce method 7432de8 Merge remote-tracking branch 'origin/5.x' into csp fe45eed validate CSP a7466d6 fix toolbar a0f8ef9 fix toolbar yet again c9505eb consolidate CspRuntime and fix absolute source paths 99ac12a fix reporting 24e56f1 only add nonce if necessary 9029d31 remove unrelated change 1274da8 code style 87017e5 add tests 05f7141 fix service name ae8faa5 revert changes to stylesheet component 067dfce satisfy PHP stan ee4a542 update test db52a54 fix ci 4a52f50 increase nelmio/security-bundle requirements 2767dd3 Merge remote-tracking branch 'origin/5.x' into csp 2e312ca update csp-builder and security-bundle requirements, satisfy PHP stan 9131551 merge with 5.x bda5f21 overhaul 67cd1a6 fix test f365461 merge with 5.x 2598948 fix accidental öö 0fc5c61 Update core-bundle/contao/templates/twig/component/_script.html.twig ba71e55 fix _style.html.twig 13715f0 do not use any legacy CPS headers ccf927d change exception message af9a9db fix test 4510a92 move to private function 13b3c2a allow to enable report logging in website root 8356ac4 remove remnant config c727221 add comment 4cffecf fix prefer lowest 6e8538e code style ad61e35 fix functional tests differently 8d0bd31 remove remnant a0f2e74 fix another remnant 0ceea3f restore previous response context finalisation b7cae39 merge with 5.x a9fdea8 use textarea for csp field 20a5e7f Apply suggestions from code review 7056144 move addCspSource to bottom 76082c7 merge with 5.x e90cb34 do not call nonce statically 482cebd do not print line number if none given 4b83528 code style 35e1f6e Reuse HtmlAttributes (#5) dceaf2b Merge remote-tracking branch 'origin/5.x' into csp 9d2459b fix test dbac1d6 implement fallback logic for addSource 43ce805 add more tests f745ea2 fix accidental change 1874f78 set default-src 'self' as default policy b885a67 fix errors in inline generation a9f7b3b add Model annotations 40608d7 Merge remote-tracking branch 'origin/5.x' into csp 23a441d change translation 335d277 Merge remote-tracking branch 'origin/5.x' into csp 4fdd33f remove _script and _style components 27d5517 Merge remote-tracking branch 'origin/5.x' into csp e0c27eb remove comma 5f2fcb3 Fix the templates and the CI chain 0503587 Adjust the palettes b1766b6 Merge remote-tracking branch 'origin/5.x' into csp 25ad7c7 make tl_page.csp mandatory 8f892e0 always use 'document-uri' and always set an URL 284ed0c fix test Co-authored-by: Toflar <yanick.witschi@terminal42.ch> Co-authored-by: leofeyer <1192057+leofeyer@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.