class DisallowBasicAuthRequests in Drupal 9
Same name and namespace in other branches
- 8 core/modules/basic_auth/src/PageCache/DisallowBasicAuthRequests.php \Drupal\basic_auth\PageCache\DisallowBasicAuthRequests
- 10 core/modules/basic_auth/src/PageCache/DisallowBasicAuthRequests.php \Drupal\basic_auth\PageCache\DisallowBasicAuthRequests
Cache policy for pages served from basic auth.
This policy disallows caching of requests that use basic_auth for security reasons. Otherwise responses for authenticated requests can get into the page cache and could be delivered to unprivileged users.
Hierarchy
- class \Drupal\basic_auth\PageCache\DisallowBasicAuthRequests implements RequestPolicyInterface
Expanded class hierarchy of DisallowBasicAuthRequests
1 string reference to 'DisallowBasicAuthRequests'
- basic_auth.services.yml in core/
modules/ basic_auth/ basic_auth.services.yml - core/modules/basic_auth/basic_auth.services.yml
1 service uses DisallowBasicAuthRequests
File
- core/
modules/ basic_auth/ src/ PageCache/ DisallowBasicAuthRequests.php, line 15
Namespace
Drupal\basic_auth\PageCacheView source
class DisallowBasicAuthRequests implements RequestPolicyInterface {
/**
* {@inheritdoc}
*/
public function check(Request $request) {
$username = $request->headers
->get('PHP_AUTH_USER');
$password = $request->headers
->get('PHP_AUTH_PW');
if (isset($username) && isset($password)) {
return self::DENY;
}
}
}
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
DisallowBasicAuthRequests:: |
public | function |
Determines whether delivery of a cached page should be attempted. Overrides RequestPolicyInterface:: |
|
RequestPolicyInterface:: |
constant | Allow delivery of cached pages. | ||
RequestPolicyInterface:: |
constant | Deny delivery of cached pages. |