Page Menu
Home
WMGMC Issues
搜索
Configure Global Search
登录
Files
F16184
SandboxExtension.php
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
订阅
标记用于日后
授予令牌
Size
3 KB
Referenced Files
None
订阅者
None
SandboxExtension.php
View Options
<?php
/*
* This file is part of Twig.
*
* (c) Fabien Potencier
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace
Twig\Extension
;
use
Twig\NodeVisitor\SandboxNodeVisitor
;
use
Twig\Sandbox\SecurityNotAllowedMethodError
;
use
Twig\Sandbox\SecurityNotAllowedPropertyError
;
use
Twig\Sandbox\SecurityPolicyInterface
;
use
Twig\Sandbox\SourcePolicyInterface
;
use
Twig\Source
;
use
Twig\TokenParser\SandboxTokenParser
;
final
class
SandboxExtension
extends
AbstractExtension
{
private
$sandboxedGlobally
;
private
$sandboxed
;
private
$policy
;
private
$sourcePolicy
;
public
function
__construct
(
SecurityPolicyInterface
$policy
,
$sandboxed
=
false
,
?
SourcePolicyInterface
$sourcePolicy
=
null
)
{
$this
->
policy
=
$policy
;
$this
->
sandboxedGlobally
=
$sandboxed
;
$this
->
sourcePolicy
=
$sourcePolicy
;
}
public
function
getTokenParsers
():
array
{
return
[
new
SandboxTokenParser
()];
}
public
function
getNodeVisitors
():
array
{
return
[
new
SandboxNodeVisitor
()];
}
public
function
enableSandbox
():
void
{
$this
->
sandboxed
=
true
;
}
public
function
disableSandbox
():
void
{
$this
->
sandboxed
=
false
;
}
public
function
isSandboxed
(?
Source
$source
=
null
):
bool
{
return
$this
->
sandboxedGlobally
||
$this
->
sandboxed
||
$this
->
isSourceSandboxed
(
$source
);
}
public
function
isSandboxedGlobally
():
bool
{
return
$this
->
sandboxedGlobally
;
}
private
function
isSourceSandboxed
(?
Source
$source
):
bool
{
if
(
null
===
$source
||
null
===
$this
->
sourcePolicy
)
{
return
false
;
}
return
$this
->
sourcePolicy
->
enableSandbox
(
$source
);
}
public
function
setSecurityPolicy
(
SecurityPolicyInterface
$policy
)
{
$this
->
policy
=
$policy
;
}
public
function
getSecurityPolicy
():
SecurityPolicyInterface
{
return
$this
->
policy
;
}
public
function
checkSecurity
(
$tags
,
$filters
,
$functions
,
?
Source
$source
=
null
):
void
{
if
(
$this
->
isSandboxed
(
$source
))
{
$this
->
policy
->
checkSecurity
(
$tags
,
$filters
,
$functions
);
}
}
public
function
checkMethodAllowed
(
$obj
,
$method
,
int
$lineno
=
-
1
,
?
Source
$source
=
null
):
void
{
if
(
$this
->
isSandboxed
(
$source
))
{
try
{
$this
->
policy
->
checkMethodAllowed
(
$obj
,
$method
);
}
catch
(
SecurityNotAllowedMethodError
$e
)
{
$e
->
setSourceContext
(
$source
);
$e
->
setTemplateLine
(
$lineno
);
throw
$e
;
}
}
}
public
function
checkPropertyAllowed
(
$obj
,
$property
,
int
$lineno
=
-
1
,
?
Source
$source
=
null
):
void
{
if
(
$this
->
isSandboxed
(
$source
))
{
try
{
$this
->
policy
->
checkPropertyAllowed
(
$obj
,
$property
);
}
catch
(
SecurityNotAllowedPropertyError
$e
)
{
$e
->
setSourceContext
(
$source
);
$e
->
setTemplateLine
(
$lineno
);
throw
$e
;
}
}
}
public
function
ensureToStringAllowed
(
$obj
,
int
$lineno
=
-
1
,
?
Source
$source
=
null
)
{
if
(
$this
->
isSandboxed
(
$source
)
&&
$obj
instanceof
\Stringable
)
{
try
{
$this
->
policy
->
checkMethodAllowed
(
$obj
,
'__toString'
);
}
catch
(
SecurityNotAllowedMethodError
$e
)
{
$e
->
setSourceContext
(
$source
);
$e
->
setTemplateLine
(
$lineno
);
throw
$e
;
}
}
return
$obj
;
}
}
File Metadata
详情
附加的
Mime Type
text/x-php
Expires
9月 12 Fri, 2:46 AM (1 d, 7 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
5648
默认替代文本
SandboxExtension.php (3 KB)
Attached To
Mode
rMAILCOW mailcow-tracking
附加的
Detach File
Event Timeline
Log In to Comment