This repository has been archived by the owner on Dec 4, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
12 changed files
with
258 additions
and
220 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,9 +1,19 @@ | ||
extensions: | ||
roadrunner: Mallgroup\RoadRunner\DI\Extension | ||
|
||
services: | ||
# register any Psr7 factory implementation | ||
- GuzzleHttp\Psr7\HttpFactory | ||
|
||
roadrunner: | ||
showExceptions: true | ||
middlewares: | ||
- TracyMiddleware | ||
- SessionMiddleware | ||
- PsrApplication | ||
# safety net middleware trying to prevent accidental stdout leak | ||
# RoadRunner in pipe mode uses stdin/stdout for comunications | ||
- Mallgroup\RoadRunner\Middlewares\OutputBufferMiddleware() | ||
# safety net middleware trying to prevent accidental application exception | ||
# it will catch, log and respond with generic 500 message or a tracy bluescreen | ||
- Mallgroup\RoadRunner\Middlewares\TryCatchMiddleware(%debugMode%) | ||
# Nette http/sessions extension companion middleware | ||
# this middleware will start, close and clean sessions between requests preventing leaks | ||
# and it will write session cookie into the response | ||
- Mallgroup\RoadRunner\Middlewares\SessionMiddleware() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
<?php | ||
|
||
namespace Mallgroup\RoadRunner\Middlewares; | ||
|
||
use Mallgroup\RoadRunner\Http\IRequest; | ||
use Mallgroup\RoadRunner\Http\IResponse; | ||
use Psr\Http\Message\ResponseInterface; | ||
use Psr\Http\Message\ServerRequestInterface; | ||
use Psr\Http\Server\MiddlewareInterface; | ||
use Psr\Http\Server\RequestHandlerInterface; | ||
|
||
class NetteInitializeMiddleware implements MiddlewareInterface | ||
{ | ||
public function __construct( | ||
private IRequest $httpRequest, | ||
private IResponse $httpResponse, | ||
) { | ||
} | ||
|
||
public function process( | ||
ServerRequestInterface $request, | ||
RequestHandlerInterface $handler, | ||
): ResponseInterface { | ||
$this->httpResponse->cleanup(); | ||
$this->httpRequest->updateFromPsr($request); | ||
|
||
return $handler->handle($request); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
<?php | ||
|
||
namespace Mallgroup\RoadRunner\Middlewares; | ||
|
||
use Psr\Http\Message\ResponseInterface; | ||
use Psr\Http\Message\ServerRequestInterface; | ||
use Psr\Http\Server\MiddlewareInterface; | ||
use Psr\Http\Server\RequestHandlerInterface; | ||
use Psr\Log\LoggerInterface; | ||
|
||
class OutputBufferMiddleware implements MiddlewareInterface | ||
{ | ||
public function __construct( | ||
private ?LoggerInterface $logger = null, | ||
) { | ||
} | ||
|
||
public function process( | ||
ServerRequestInterface $request, | ||
RequestHandlerInterface $handler, | ||
): ResponseInterface { | ||
try { | ||
ob_start(); | ||
return $handler->handle($request); | ||
} finally { | ||
$content = ob_get_clean(); | ||
if ($content) { | ||
$this->logger?->warning( | ||
'Unexpected output found on request, you are pushing to output instead of Response', | ||
[ | ||
'length' => strlen($content), | ||
'content' => substr($content, 0, 300) . (strlen($content) > 300 ? '... (shorted)' : ''), | ||
], | ||
); | ||
} | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
<?php | ||
declare(strict_types=1); | ||
|
||
namespace Mallgroup\RoadRunner\Middlewares; | ||
|
||
use Nette\Http\IResponse; | ||
use Nette\Http\Session; | ||
use Psr\Http\Message\ResponseInterface; | ||
use Psr\Http\Message\ServerRequestInterface; | ||
use Psr\Http\Server\MiddlewareInterface; | ||
use Psr\Http\Server\RequestHandlerInterface; | ||
use RuntimeException; | ||
|
||
class SessionMiddleware implements MiddlewareInterface | ||
{ | ||
public function __construct(private Session $session, private IResponse $response) | ||
{ | ||
$this->session->setOptions($this->session->getOptions() + ['cache_limiter' => '']); | ||
} | ||
|
||
/** | ||
* Process a server request and return a response. | ||
*/ | ||
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface | ||
{ | ||
if (session_status() === PHP_SESSION_ACTIVE || session_id() || !empty($_SESSION)) { | ||
throw new RuntimeException('Potential session leak.'); | ||
} | ||
|
||
$this->session->start(); | ||
|
||
$this->sendCookie(); | ||
|
||
try { | ||
return $handler->handle($request); | ||
} finally { | ||
$this->session->close(); | ||
|
||
// convince Nette Session to read the cookies | ||
session_id(''); | ||
// clear the previous session | ||
$_SESSION = []; | ||
} | ||
} | ||
|
||
/** | ||
* Sends the session cookies. | ||
*/ | ||
private function sendCookie(): void | ||
{ | ||
$cookie = session_get_cookie_params(); | ||
$this->response->setCookie( | ||
session_name(), | ||
session_id(), | ||
$cookie['lifetime'] ? $cookie['lifetime'] + time() : 0, | ||
$cookie['path'], | ||
$cookie['domain'], | ||
$cookie['secure'], | ||
$cookie['httponly'], | ||
$cookie['samesite'] ?? null, | ||
); | ||
} | ||
} |
This file was deleted.
Oops, something went wrong.
Oops, something went wrong.