You are here

Home » API reference » http:BL 8 » HttpblResponse.php » HttpblResponse

public function HttpblResponse::buildHttpblResponse in http:BL 8

Build a new HttpblResponse based on evaluation status.

Parameters

string $ip: The IP address to evaluate.

object|\Symfony\Component\HttpFoundation\Request $request: The incoming http request.

object|\Symfony\Component\HttpKernel\HttpKernel $defaultResponse: The default http response.

array $evaluated: Contains a boolean of whether the evaluation has happened, and the resulting evaluated status.

Return value

object $httpblResponse A rebuilt response.

Overrides HttpblResponseInterface::buildHttpblResponse

File

src/HttpblResponse.php, line 46

Class

HttpblResponse
HttpblResponse builds the final response to request.

Namespace

Drupal\httpbl

Code

public function buildHttpblResponse($ip, SymfonyRequest $request, $defaultResponse, $evaluated = NULL) {

  // If evaluation indicates a safe visitor...
  if (isset($evaluated) && $evaluated[0] == 'evaluated' && $evaluated[1] == (int) HTTPBL_LIST_SAFE) {

    // Then nothing to do, so return the default response.
    return $defaultResponse;
  }

  // If evaluation indicates a blacklisted visitor...
  if (isset($evaluated) && $evaluated[0] == 'evaluated' && $evaluated[1] == HTTPBL_LIST_BLACK) {

    // Build a response that includes a link the visitor's profile on Project
    // Honey Pot.  If they're human they'll see why they were blacklisted (if
    // they don't already know).
    $ipurl = self::honeypot_ipdata($ip, FALSE);

    // Also place a honeypot on the response, in case visitor is not human.
    $honeypot = t(self::buildHoneypot());

    // Retreive the pre-formatted blacklist message from the config settings.
    $message = \Drupal::state()
      ->get('httpbl.message_black');

    // Build the new response and return it.
    $httpblResponse = new SymfonyResponse(new FormattableMarkup($message, [
      '@ip' => $ip,
      '@request' => $request
        ->getRequestUri(),
      '@ipurl' => $ipurl,
      '@honeypot' => $honeypot,
    ]), 403);
    return $httpblResponse;
  }

  // If evaluation indicates a grey-listed visitor...
  if (isset($evaluated) && $evaluated[0] == 'evaluated' && $evaluated[1] == HTTPBL_LIST_GREY) {

    // Build a response that includes a link the visitor's profile on Project
    // Honey Pot.  If they're human they'll see why they were grey-listed.
    $ipurl = self::honeypot_ipdata($ip, FALSE);

    // Build a link to the white-list challenge form.
    // Note:  We are doing this before all services are available, so we'll do
    // it the quick, old fashioned way.
    // Note 2: Once this link is set up for the visitor, it's the only valid
    // request the evaluator will accept from a grey-listed visitor.  In other
    // words, to get a 200 Response, they have to click the challenge link.
    // From that point on, the White-list challenge form will decide the next
    // step; they will either be white-listed on a session basis if they pass
    // the challenge, or blacklisted (and possibly banned) if they fail.
    $whitelistLink = t('/httpbl/whitelist');

    // Also place a honeypot on the response, in case visitor is not human.
    $honeypot = t(self::buildHoneypot());

    // Retreive the pre-formatted greylist message from the config settings.
    $message = \Drupal::state()
      ->get('httpbl.message_grey');

    // Build the new response and return it.
    $httpblResponse = new SymfonyResponse(new FormattableMarkup($message, [
      '@ip' => $ip,
      '@request' => $request
        ->getRequestUri(),
      '@ipurl' => $ipurl,
      '@whitelistUrl' => $whitelistLink,
      '@honeypot' => $honeypot,
    ]), 428);
    return $httpblResponse;
  }

  // Below is to handle any possible failure resulting in a non-evaluated
  // session getting passed through this function.
  $honeypot = t(self::buildHoneypot());
  $httpblResponse = new SymfonyResponse(new FormattableMarkup('<h1>Not Extended (510)</h1>Default fail for @ip. HttpblResponse did not receive an evaluated request!@honeypot', [
    '@ip' => $ip,
    '@request' => $request
      ->getRequestUri(),
    '@honeypot' => $honeypot,
  ]), 510);

  // Log this failure as critical!
  // Somehow we got here without any valid evaluation results.  That means
  // something is broken.
  //
  // Note that despite the evaluation failure, a positive hit on honeypot
  // still results in the host being stored in our table.  In other words,
  // the failure only affects the response that the visitor would see.
  $this->logTrapper
    ->trapCritical('HttpBL Server Error 510 (Not Extended):Default fail for @ip. HttpblResponse received an invalid evaluation result for request  @request! Requested evaluation result was ("@r1" - @r2).', [
    '@ip' => $ip,
    '@request' => $request
      ->getRequestUri(),
    '@r1' => $evaluated[0],
    '@r2' => $evaluated[1],
  ]);
  return $httpblResponse;
}