ILIAS  trunk Revision v11.0_alpha-3011-gc6b235a2e85
class.ilDelegatingHandler.php
Go to the documentation of this file.
1<?php
2
19declare(strict_types=1);
20
22use Whoops\Handler\HandlerInterface;
23
35final class ilDelegatingHandler extends Handler
36{
37 private ?HandlerInterface $current_handler = null;
38
42 public function __construct(
43 private readonly ilErrorHandling $error_handling,
44 private readonly array $sensitive_data = []
45 ) {
46 }
47
48 private function hideSensitiveData(array $key_value_pairs): array
49 {
50 foreach ($key_value_pairs as $key => &$value) {
51 if (is_array($value)) {
52 $value = $this->hideSensitiveData($value);
53 }
54
55 if (is_string($value) && in_array($key, $this->sensitive_data, true)) {
56 $value = 'REMOVED FOR SECURITY';
57 }
58
59 if ($key === 'PHPSESSID' && is_string($value)) {
60 $value = substr($value, 0, 5) . ' (SHORTENED FOR SECURITY)';
61 }
62
63 if ($key === 'HTTP_COOKIE') {
64 $cookie_content = explode(';', $value);
65 foreach ($cookie_content as &$cookie_pair_string) {
66 $cookie_pair = explode('=', $cookie_pair_string);
67 if (trim($cookie_pair[0]) === session_name()) {
68 $cookie_pair[1] = substr($cookie_pair[1], 0, 5) . ' (SHORTENED FOR SECURITY)';
69 $cookie_pair_string = implode('=', $cookie_pair);
70 }
71 }
72 $value = implode(';', $cookie_content);
73 }
74 }
75
76 return $key_value_pairs;
77 }
78
86 public function handle(): ?int
87 {
88 if (defined("IL_INITIAL_WD")) {
89 chdir(IL_INITIAL_WD);
90 }
91
92 /* We must cast the superglobals back to normal arrays since the error handler needs them. They were replaced by
93 SuperGlobalDropInReplacement . The keys contain NULL bytes, so accessing values directly by key is not
94 really possible */
95 $_GET = $this->hideSensitiveData((array) $_GET);
96 $_POST = $this->hideSensitiveData((array) $_POST);
97 $_COOKIE = $this->hideSensitiveData((array) $_COOKIE);
98 $_REQUEST = $this->hideSensitiveData((array) $_REQUEST);
99
101
102 $this->current_handler = $this->error_handling->getHandler();
103 $this->current_handler->setRun($this->getRun());
104 $this->current_handler->setException($this->getException());
105 $this->current_handler->setInspector($this->getInspector());
106 return $this->current_handler->handle();
107 }
108
113 public function contentType(): ?string
114 {
115 if ($this->current_handler === null ||
116 !method_exists($this->current_handler, 'contentType')) {
117 return null;
118 }
119
120 return $this->current_handler->contentType();
121 }
122}
A Whoops error handler that delegates calls on it self to another handler that is created only in the...
__construct(private readonly ilErrorHandling $error_handling, private readonly array $sensitive_data=[])
hideSensitiveData(array $key_value_pairs)
contentType()
This is an implicit interface method of the Whoops handlers.
handle()
Last missing method from HandlerInterface.
Error Handling & global info handling.
$_GET['cmd']
Definition: lti.php:26
$_POST['cmd']
Definition: lti.php:27
$_SERVER['HTTP_HOST']
Definition: raiseError.php:26
$_COOKIE[session_name()]
Definition: xapitoken.php:54