geckon01/simple-php-router
1
0
Fork 0
mirror of https://github.com/skipperbent/simple-php-router.git synced 2026-06-15 18:23:26 +03:00
Code Issues Packages Projects Releases Wiki Activity

Development

Browse Source 
- Updated `helpers.php` and helpers example in documentation.
- MalformedUrlException is now handled properly by Router to avoid phpStorm syntax highlights in routes.
- Added `getUrlCopy` to `Request` class, used to clone the current route (to keep domain etc.)
- `setUrl` in `Request` are now strict and requires `Url` object and no longer accepts strings.
- Renamed `hasRewrite` property to `hasPendingRewrite` in `Request` class.
- Renamed `hasRewrite` and `setHasRewrite` methods to `hasPendingRewrite` and `setHasPendingRewrite` in `Request` class.
- Added better usage of `Url` class. When calling `url` you can now use the methods on the `Url` class to filter params, get relative/absolute url etc. See documentation for more info.
- Renamed `get` method to `getValue` in `InputHandler` class.
- Renamed `getObject` to `get` and removed `$defaultValue` argument in `InputHandler` class.
- Optimized `InputHandler` class.
- Fixed issue with `$token` not being proper string in `BaseCsrfVerifier` when token is not found.
- Added php.ini configuration settings to `setcookie` in `CookieTokenProvider` for improved security.
- Added `$router` parameter to `boot` method in `IRouterBootManager` which allows for further manipulation of the router within the bootmanager.
- Renamed `$processingRoute` property to `$isProcessingRoute` in `Router` class.
- Fixed `reset` method not resetting CSRF-verifier in `Router` class.
- Moved `arrayToParams` helper-method from `Router` to `Url` class.
- Began to add Event-functionality to router.
- Added `addEventHandler` method to `SimpleRouter` class.
- Moved `Pecee\SimpleRouter\Handler\CallbackExceptionHandler` to `Pecee\SimpleRouter\Handlers\CallbackExceptionHandler`.
- Moved `Pecee\SimpleRouter\Handler\IExceptionHandler` to `Pecee\SimpleRouter\Handlers\IExceptionHandler`.
- Added Events section to documentation.
- Added more information on url-handling in documentation.
- Optimisations.
This commit is contained in:
Simon Sessingø
2018-03-29 18:17:42 +02:00
parent aa56d45f9c
commit a9c03f9271
35 changed files with 1528 additions and 489 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/Pecee/Http/Middleware/BaseCsrfVerifier.php
View File

@@ -67,14 +67,13 @@ class BaseCsrfVerifier implements IMiddleware
if ($this->skip($request) === false && \in_array($request->getMethod(), ['post', 'put', 'delete'], true) === true) {
$token = $request->getInputHandler()->get(static::POST_KEY, null, 'post');
$token = $request->getInputHandler()->getValue(
static::POST_KEY,
$request->getHeader(static::HEADER_KEY),
'post'
);
// If the token is not posted, check headers for valid x-csrf-token
if ($token === null) {
$token = $request->getHeader(static::HEADER_KEY);
}
if ($this->tokenProvider->validate($token) === false) {
if ($this->tokenProvider->validate((string)$token) === false) {
throw new TokenMismatchException('Invalid CSRF-token.');
}