class RedirectLeadingSlashesSubscriber

Same name in other branches
  1. 9 core/lib/Drupal/Core/EventSubscriber/RedirectLeadingSlashesSubscriber.php \Drupal\Core\EventSubscriber\RedirectLeadingSlashesSubscriber
  2. 10 core/lib/Drupal/Core/EventSubscriber/RedirectLeadingSlashesSubscriber.php \Drupal\Core\EventSubscriber\RedirectLeadingSlashesSubscriber
  3. 11.x core/lib/Drupal/Core/EventSubscriber/RedirectLeadingSlashesSubscriber.php \Drupal\Core\EventSubscriber\RedirectLeadingSlashesSubscriber

Redirects paths starting with multiple slashes to a single slash.

Hierarchy

Expanded class hierarchy of RedirectLeadingSlashesSubscriber

1 string reference to 'RedirectLeadingSlashesSubscriber'
core.services.yml in core/core.services.yml
core/core.services.yml
1 service uses RedirectLeadingSlashesSubscriber
redirect_leading_slashes_subscriber in core/core.services.yml
Drupal\Core\EventSubscriber\RedirectLeadingSlashesSubscriber

File

core/lib/Drupal/Core/EventSubscriber/RedirectLeadingSlashesSubscriber.php, line 13

Namespace

Drupal\Core\EventSubscriber
View source 
class RedirectLeadingSlashesSubscriber implements EventSubscriberInterface {
    
    /**
     * Redirects paths starting with multiple slashes to a single slash.
     *
     * @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event
     *   The GetResponseEvent to process.
     */
    public function redirect(GetResponseEvent $event) {
        $request = $event->getRequest();
        // Get the requested path minus the base path.
        $path = $request->getPathInfo();
        // It is impossible to create a link or a route to a path starting with
        // multiple leading slashes. However if a form is added to the 404 page that
        // submits back to the same URI this presents an open redirect
        // vulnerability. Also, Drupal 7 renders the same page for
        // http://www.example.org/foo and http://www.example.org////foo.
        if (strpos($path, '//') === 0) {
            $path = '/' . ltrim($path, '/');
            $qs = $request->getQueryString();
            if ($qs) {
                $qs = '?' . $qs;
            }
            $event->setResponse(new CacheableRedirectResponse($request->getUriForPath($path) . $qs));
        }
    }
    
    /**
     * {@inheritdoc}
     */
    public static function getSubscribedEvents() {
        $events[KernelEvents::REQUEST][] = [
            'redirect',
            1000,
        ];
        return $events;
    }

}

Members

Title Modifiers Object type Summary
RedirectLeadingSlashesSubscriber::getSubscribedEvents public static function
RedirectLeadingSlashesSubscriber::redirect public function Redirects paths starting with multiple slashes to a single slash.

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.