class DenyTestAuthRequests in Drupal 10
Same name and namespace in other branches
- 8 core/modules/rest/tests/modules/rest_test/src/PageCache/RequestPolicy/DenyTestAuthRequests.php \Drupal\rest_test\PageCache\RequestPolicy\DenyTestAuthRequests
- 9 core/modules/rest/tests/modules/rest_test/src/PageCache/RequestPolicy/DenyTestAuthRequests.php \Drupal\rest_test\PageCache\RequestPolicy\DenyTestAuthRequests
Cache policy for pages requested with REST Test Auth.
This policy disallows caching of requests that use the REST Test Auth authentication provider for security reasons (just like basic_auth). Otherwise responses for authenticated requests can get into the page cache and could be delivered to unprivileged users.
Hierarchy
- class \Drupal\rest_test\PageCache\RequestPolicy\DenyTestAuthRequests implements RequestPolicyInterface
Expanded class hierarchy of DenyTestAuthRequests
See also
\Drupal\rest_test\Authentication\Provider\TestAuth
\Drupal\rest_test\Authentication\Provider\TestAuthGlobal
\Drupal\basic_auth\PageCache\DisallowBasicAuthRequests
1 string reference to 'DenyTestAuthRequests'
- rest_test.services.yml in core/
modules/ rest/ tests/ modules/ rest_test/ rest_test.services.yml - core/modules/rest/tests/modules/rest_test/rest_test.services.yml
1 service uses DenyTestAuthRequests
- rest_test.page_cache_request_policy.deny_test_auth_requests in core/
modules/ rest/ tests/ modules/ rest_test/ rest_test.services.yml - Drupal\rest_test\PageCache\RequestPolicy\DenyTestAuthRequests
File
- core/
modules/ rest/ tests/ modules/ rest_test/ src/ PageCache/ RequestPolicy/ DenyTestAuthRequests.php, line 20
Namespace
Drupal\rest_test\PageCache\RequestPolicyView source
class DenyTestAuthRequests implements RequestPolicyInterface {
/**
* {@inheritdoc}
*/
public function check(Request $request) {
if ($request->headers
->has('REST-test-auth') || $request->headers
->has('REST-test-auth-global')) {
return self::DENY;
}
}
}
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
DenyTestAuthRequests:: |
public | function |
Determines whether delivery of a cached page should be attempted. Overrides RequestPolicyInterface:: |
|
RequestPolicyInterface:: |
constant | Allow delivery of cached pages. | ||
RequestPolicyInterface:: |
constant | Deny delivery of cached pages. |