Turned RequestCleaner into an event subscriber.

classes/Provider/Gateways/RequestCleaner.php → classes/Infrastructure/Event/RequestCleanerListener.php

@@ -11,13 +11,14 @@
  * @see https://github.com/opencfp/opencfp
  */
 
-namespace OpenCFP\Provider\Gateways;
+namespace OpenCFP\Infrastructure\Event;
 
 use HTMLPurifier;
-use Silex\Application;
-use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\EventDispatcher\EventSubscriberInterface;
+use Symfony\Component\HttpKernel\Event\GetResponseEvent;
+use Symfony\Component\HttpKernel\KernelEvents;
 
-class RequestCleaner
+class RequestCleanerListener implements EventSubscriberInterface
 {
     /**
      * @var HTMLPurifier
@@ -32,29 +33,37 @@ public function __construct(HTMLPurifier $purifier)
         $this->purifier = $purifier;
     }
 
-    public function __invoke(Request $request, Application $app)
+    public static function getSubscribedEvents()
     {
+        return [
+            KernelEvents::REQUEST => 'onKernelRequest',
+        ];
+    }
+
+    public function onKernelRequest(GetResponseEvent $event)
+    {
+        $request = $event->getRequest();
+
         $request->query->replace($this->clean($request->query->all()));
         $request->request->replace($this->clean($request->request->all()));
     }
 
-    /**
-     * @param array $data
-     */
-    private function clean(array $data)
+    private function clean(array $data): array
     {
         $sanitized = [];
 
         foreach ($data as $key => $value) {
             if (\is_array($value)) {
                 $sanitized[$key] = $this->clean($value);
-            } else {
-                $sanitized[$key] = \preg_replace(
-                    ['/&/', '/<\b/', '/\b>/'],
-                    ['&', '<', '>'],
-                    $this->purifier->purify($value)
-                );
+
+                continue;
             }
+
+            $sanitized[$key] = \preg_replace(
+                ['/&amp;/', '/&lt;\b/', '/\b&gt;/'],
+                ['&', '<', '>'],
+                $this->purifier->purify($value)
+            );
         }
 
         return $sanitized;

classes/Provider/Gateways/WebGatewayProvider.php

@@ -32,6 +32,7 @@
 use OpenCFP\Http\View\TalkHelper;
 use OpenCFP\Infrastructure\Auth\CsrfValidator;
 use OpenCFP\Infrastructure\Event\AuthenticationListener;
+use OpenCFP\Infrastructure\Event\RequestCleanerListener;
 use Pimple\Container;
 use Pimple\ServiceProviderInterface;
 use Silex\Api\BootableProviderInterface;
@@ -183,8 +184,6 @@ public function boot(Application $app)
         /* @var $web ControllerCollection */
         $web = $app['controllers_factory'];
 
-        $app->before(new RequestCleaner($app['purifier']));
-
         if ($app->config('application.secure_ssl')) {
             $app->requireHttps();
         }
@@ -343,5 +342,8 @@ public function subscribe(Container $app, EventDispatcherInterface $dispatcher)
             $app[Authentication::class],
             $app['url_generator']
         ));
+        $dispatcher->addSubscriber(new RequestCleanerListener(
+            $app['purifier']
+        ));
     }
 }

tests/Unit/ProjectCodeTest.php

@@ -65,13 +65,13 @@ public function testProductionClassesHaveUnitTests()
                 Http\View\TalkHelper::class,
                 Infrastructure\Event\AuthenticationListener::class,
                 Infrastructure\Event\ExceptionListener::class,
+                Infrastructure\Event\RequestCleanerListener::class,
                 Infrastructure\Event\TwigGlobalsListener::class,
                 Infrastructure\Templating\TwigExtension::class,
                 Provider\ApplicationServiceProvider::class,
                 Provider\CallForPapersProvider::class,
                 Provider\ControllerResolver::class,
                 Provider\ControllerResolverServiceProvider::class,
-                Provider\Gateways\RequestCleaner::class,
                 Provider\Gateways\WebGatewayProvider::class,
                 Provider\HtmlPurifierServiceProvider::class,
                 Provider\ImageProcessorProvider::class,