PHP Symfony-内部过滤器,检查操作是否安全?
如何检查我调用的操作是否在security.yml中得到保护 security.yml filter.yml 现在在myFilter中,我想检查操作是否安全PHP Symfony-内部过滤器,检查操作是否安全?,php,security,symfony1,Php,Security,Symfony1,如何检查我调用的操作是否在security.yml中得到保护 security.yml filter.yml 现在在myFilter中,我想检查操作是否安全 class myFilter extends sfFilter { public function execute($filterChain) { if ($this->getContext()->is_secure === false) { $filterChain->execute();
class myFilter extends sfFilter
{
public function execute($filterChain)
{
if ($this->getContext()->is_secure === false) {
$filterChain->execute();
}
// ...
}
}
这意味着$this->getContext->getController->getAction->isSecure应该这样做
这意味着$this->getContext->getController->getAction->isSecure应该执行此操作。正确的处理方法是将筛选器的类型设置为安全性:
myFilter:
class: myFilter
param:
type: security
您的筛选器将仅在secured is_secure:true操作上执行。
有关更多信息,请查看sfFilterConfigHandler.class.php源代码。处理此问题的正确方法是将筛选器的类型设置为安全性:
myFilter:
class: myFilter
param:
type: security
您的筛选器将仅在secured is_secure:true操作上执行。
查看sfFilterConfigHandler.class.php源代码以了解更多信息。我同时发现:$this->context->getController->getActionStack->getLastEntry->getActionInstance->getSecurityValue'is_secure';我试图在一个应用程序模板中获得这个值,答案@tilman found也对我有用:$sf_context->getController->getActionStack->getLastEntry->getActionInstance->getSecurityValue'is_secure';同时我发现:$this->context->getController->getActionStack->getLastEntry->getActionInstance->getSecurityValue'is_secure';我试图在一个应用程序模板中获得这个值,答案@tilman found也对我有用:$sf_context->getController->getActionStack->getLastEntry->getActionInstance->getSecurityValue'is_secure';
greg@liche :) ~/source/symfony/1.4 > ack "public function isSecure" --type="php"
lib/request/sfWebRequest.class.php
545: public function isSecure()
lib/action/sfAction.class.php
407: public function isSecure()
test/unit/helper/AssetHelperTest.php
29: public function isSecure()
test/unit/helper/UrlHelperTest.php
30: public function isSecure()
greg@liche :( ~/source/symfony/1.4 > ack "public function getAction\(" --type="php"
lib/controller/sfController.class.php
258: public function getAction($moduleName, $actionName)
greg@liche :) ~/source/symfony/1.4 > ack "public function getController\(" --type="php"
lib/util/sfContext.class.php
243: public function getController(
myFilter:
class: myFilter
param:
type: security