protected function FragmentListener::validateRequest

1 call to FragmentListener::validateRequest()
FragmentListener::onKernelRequest in drupal/core/vendor/symfony/http-kernel/Symfony/Component/HttpKernel/EventListener/FragmentListener.php
Fixes request attributes when the path is '/_fragment'.

File

drupal/core/vendor/symfony/http-kernel/Symfony/Component/HttpKernel/EventListener/FragmentListener.php, line 73

Class

FragmentListener
Handles content fragments represented by special URIs.

Namespace

Symfony\Component\HttpKernel\EventListener

Code

protected function validateRequest(Request $request) {

  // is the Request safe?
  if (!$request
    ->isMethodSafe()) {
    throw new AccessDeniedHttpException();
  }

  // does the Request come from a trusted IP?
  $trustedIps = array_merge($this
    ->getLocalIpAddresses(), $request
    ->getTrustedProxies());
  $remoteAddress = $request->server
    ->get('REMOTE_ADDR');
  if (IpUtils::checkIp($remoteAddress, $trustedIps)) {
    return;
  }

  // is the Request signed?
  // we cannot use $request->getUri() here as we want to work with the original URI (no query string reordering)
  if ($this->signer
    ->check($request
    ->getSchemeAndHttpHost() . $request
    ->getBaseUrl() . $request
    ->getPathInfo() . (null !== ($qs = $request->server
    ->get('QUERY_STRING')) ? '?' . $qs : ''))) {
    return;
  }
  throw new AccessDeniedHttpException();
}