class DenyTestAuthRequests

Same name in other branches

9 core/modules/rest/tests/modules/rest_test/src/PageCache/RequestPolicy/DenyTestAuthRequests.php \Drupal\rest_test\PageCache\RequestPolicy\DenyTestAuthRequests
8.9.x core/modules/rest/tests/modules/rest_test/src/PageCache/RequestPolicy/DenyTestAuthRequests.php \Drupal\rest_test\PageCache\RequestPolicy\DenyTestAuthRequests
11.x core/modules/rest/tests/modules/rest_test/src/PageCache/RequestPolicy/DenyTestAuthRequests.php \Drupal\rest_test\PageCache\RequestPolicy\DenyTestAuthRequests

Cache policy for pages requested with REST Test Auth.

This policy disallows caching of requests that use the REST Test Auth authentication provider for security reasons (just like basic_auth). Otherwise responses for authenticated requests can get into the page cache and could be delivered to unprivileged users.

Hierarchy

class \Drupal\rest_test\PageCache\RequestPolicy\DenyTestAuthRequests implements \Drupal\Core\PageCache\RequestPolicyInterface

Expanded class hierarchy of DenyTestAuthRequests

File

core/modules/rest/tests/modules/rest_test/src/PageCache/RequestPolicy/DenyTestAuthRequests.php, line 20

Namespace

Drupal\rest_test\PageCache\RequestPolicy

View source

class DenyTestAuthRequests implements RequestPolicyInterface {
    
    /**
     * {@inheritdoc}
     */
    public function check(Request $request) {
        if ($request->headers
            ->has('REST-test-auth') || $request->headers
            ->has('REST-test-auth-global')) {
            return self::DENY;
        }
    }

}

Members

Title Sort descending	Modifiers	Object type	Summary
DenyTestAuthRequests::check	public	function

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.

class DenyTestAuthRequests

Hierarchy

See also

File

Namespace

Members

Search drupal 10

API Navigation

Breadcrumb

class DenyTestAuthRequests

Hierarchy

See also

File

Namespace

Members

Search drupal 10

API Navigation