[FrameworkBundle] Enable possibility to run PHP bultin server in production env #7507

Closed
wants to merge 2 commits into from

1 participant

@canni

See the referenced ticket for discussion;

Q A
Bug fix? no
New feature? yes
BC breaks? no
Deprecations? no
Tests pass? yes
Fixed tickets #7430
License MIT
@stof stof commented on an outdated diff Mar 28, 2013
...y/Bundle/FrameworkBundle/Command/ServerRunCommand.php
@@ -78,10 +78,21 @@ protected function configure()
*/
protected function execute(InputInterface $input, OutputInterface $output)
{
+ $env = $this->getContainer()->getParameter('kernel.environment');
+
+ if ('prod' === $env) {
+ $output->writeln(
+ '<error>Running PHP bultin server in production environment is NOT secure!</error>'
@stof
Symfony member
stof added a note Mar 28, 2013

typo here

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@canni

@stof corrected thx

@fabpot fabpot commented on an outdated diff Apr 1, 2013
...y/Bundle/FrameworkBundle/Command/ServerRunCommand.php
@@ -78,10 +78,21 @@ protected function configure()
*/
protected function execute(InputInterface $input, OutputInterface $output)
{
+ $env = $this->getContainer()->getParameter('kernel.environment');
+
+ if ('prod' === $env) {
+ $output->writeln(
+ '<error>Running PHP built-in server in production environment is NOT secure!</error>'
@fabpot
Symfony member
fabpot added a note Apr 1, 2013

Can you put everything on the same line? Also, it's not just about it being not secure, so I think something like "Running the PHP built-in server in a production environment is NOT recommended" would be better.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@fabpot fabpot commented on the diff Apr 1, 2013
...y/Bundle/FrameworkBundle/Command/ServerRunCommand.php
$router = $input->getOption('router') ?: $this
->getContainer()
->get('kernel')
- ->locateResource('@FrameworkBundle/Resources/config/router.php')
+ ->locateResource(sprintf(
@fabpot
Symfony member
fabpot added a note Apr 1, 2013

Same as above, the whole method call should be on the same line.

@merk
merk added a note Apr 1, 2013

Should there be error handling if someone tries to run this command in another environment and the router doesnt exist?

@canni
canni added a note Apr 1, 2013

Someone will see nice error about failed resource lock-up, not some "require" fatal :)

@stof
Symfony member
stof added a note Apr 4, 2013

Thus, you can probably create it in app/Resources/FrameworkBundle/config/router_my_env.php for other environments. So letting the resource locator handle missing files is easier.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@fabpot fabpot commented on an outdated diff Apr 1, 2013
...ndle/FrameworkBundle/Resources/config/router_prod.php
+ * file that was distributed with this source code.
+ */
+
+/*
+ * This file implements rewrite rules for PHP built-in web server.
+ *
+ * See: http://www.php.net/manual/en/features.commandline.webserver.php
+ *
+ * If you have custom directory layout, then you have to write your own router
+ * and pass it as a value to 'router' option of server:run command.
+ *
+ * @author: Michał Pipa <michal.pipa.xsolve@gmail.com>
+ * @author: Albert Jessurum <ajessu@gmail.com>
+ */
+
+if (is_file($_SERVER['DOCUMENT_ROOT'] . DIRECTORY_SEPARATOR . $_SERVER['SCRIPT_NAME'])) {
@fabpot
Symfony member
fabpot added a note Apr 1, 2013

we don't put whitespace before and after a dot in Symfony.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@canni

@fabpot corrected

@fabpot fabpot added a commit that referenced this pull request Apr 9, 2013
@fabpot fabpot merged branch canni/prod_server (PR #7507)
This PR was squashed before being merged into the master branch (closes #7507).

Discussion
----------

[FrameworkBundle] Enable possibility to run PHP bultin server in production env

See the referenced ticket for discussion;

| Q             | A
| ------------- | ---
| Bug fix?      | no
| New feature?  | yes
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #7430
| License       | MIT

Commits
-------

12fce13 [FrameworkBundle] Enable possibility to run PHP bultin server in production env
17e065f
@fabpot fabpot added a commit that closed this pull request Apr 9, 2013
@fabpot fabpot merged branch canni/prod_server (PR #7507)
This PR was squashed before being merged into the master branch (closes #7507).

Discussion
----------

[FrameworkBundle] Enable possibility to run PHP bultin server in production env

See the referenced ticket for discussion;

| Q             | A
| ------------- | ---
| Bug fix?      | no
| New feature?  | yes
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #7430
| License       | MIT

Commits
-------

12fce13 [FrameworkBundle] Enable possibility to run PHP bultin server in production env
17e065f
@fabpot fabpot closed this in 17e065f Apr 9, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment