class DisallowBasicAuthRequests in Drupal 10
Same name and namespace in other branches
- 8 core/modules/basic_auth/src/PageCache/DisallowBasicAuthRequests.php \Drupal\basic_auth\PageCache\DisallowBasicAuthRequests
- 9 core/modules/basic_auth/src/PageCache/DisallowBasicAuthRequests.php \Drupal\basic_auth\PageCache\DisallowBasicAuthRequests
Cache policy for pages served from basic auth.
This policy disallows caching of requests that use basic_auth for security reasons. Otherwise responses for authenticated requests can get into the page cache and could be delivered to unprivileged users.
Hierarchy
- class \Drupal\basic_auth\PageCache\DisallowBasicAuthRequests implements \Drupal\Core\PageCache\RequestPolicyInterface
Expanded class hierarchy of DisallowBasicAuthRequests
1 string reference to 'DisallowBasicAuthRequests'
- basic_auth.services.yml in core/
modules/ basic_auth/ basic_auth.services.yml - core/modules/basic_auth/basic_auth.services.yml
1 service uses DisallowBasicAuthRequests
File
- core/
modules/ basic_auth/ src/ PageCache/ DisallowBasicAuthRequests.php, line 15
Namespace
Drupal\basic_auth\PageCacheView source
class DisallowBasicAuthRequests implements RequestPolicyInterface {
/**
* {@inheritdoc}
*/
public function check(Request $request) {
$username = $request->headers
->get('PHP_AUTH_USER');
$password = $request->headers
->get('PHP_AUTH_PW');
if (isset($username) && isset($password)) {
return self::DENY;
}
}
}