ILIAS  trunk Revision v11.0_alpha-2662-g519ff7d528f
class.ilDelegatingHandler.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
21 use Whoops\Handler\Handler;
22 use Whoops\Handler\HandlerInterface;
23 
35 final class ilDelegatingHandler extends Handler
36 {
37  private ?HandlerInterface $current_handler = null;
38 
42  public function __construct(
43  private readonly ilErrorHandling $error_handling,
44  private readonly array $sensitive_data = []
45  ) {
46  }
47 
48  private function hideSensitiveData(array $key_value_pairs): array
49  {
50  foreach ($key_value_pairs as $key => &$value) {
51  if (is_array($value)) {
52  $value = $this->hideSensitiveData($value);
53  }
54 
55  if (is_string($value) && in_array($key, $this->sensitive_data, true)) {
56  $value = 'REMOVED FOR SECURITY';
57  }
58 
59  if ($key === 'PHPSESSID' && is_string($value)) {
60  $value = substr($value, 0, 5) . ' (SHORTENED FOR SECURITY)';
61  }
62 
63  if ($key === 'HTTP_COOKIE') {
64  $cookie_content = explode(';', $value);
65  foreach ($cookie_content as &$cookie_pair_string) {
66  $cookie_pair = explode('=', $cookie_pair_string);
67  if (trim($cookie_pair[0]) === session_name()) {
68  $cookie_pair[1] = substr($cookie_pair[1], 0, 5) . ' (SHORTENED FOR SECURITY)';
69  $cookie_pair_string = implode('=', $cookie_pair);
70  }
71  }
72  $value = implode(';', $cookie_content);
73  }
74  }
75 
76  return $key_value_pairs;
77  }
78 
86  public function handle(): ?int
87  {
88  if (defined("IL_INITIAL_WD")) {
89  chdir(IL_INITIAL_WD);
90  }
91 
92  /* We must cast the superglobals back to normal arrays since the error handler needs them. They were replaced by
93  SuperGlobalDropInReplacement . The keys contain NULL bytes, so accessing values directly by key is not
94  really possible */
95  $_GET = $this->hideSensitiveData((array) $_GET);
96  $_POST = $this->hideSensitiveData((array) $_POST);
97  $_COOKIE = $this->hideSensitiveData((array) $_COOKIE);
98  $_REQUEST = $this->hideSensitiveData((array) $_REQUEST);
99 
100  $_SERVER = $this->hideSensitiveData($_SERVER);
101 
102  $this->current_handler = $this->error_handling->getHandler();
103  $this->current_handler->setRun($this->getRun());
104  $this->current_handler->setException($this->getException());
105  $this->current_handler->setInspector($this->getInspector());
106  return $this->current_handler->handle();
107  }
108 
113  public function contentType(): ?string
114  {
115  if ($this->current_handler === null ||
116  !method_exists($this->current_handler, 'contentType')) {
117  return null;
118  }
119 
120  return $this->current_handler->contentType();
121  }
122 }
$_GET
$_GET["client_id"]
Definition: webdav.php:30
ilDelegatingHandler\contentType
contentType()
This is an implicit interface method of the Whoops handlers.
Definition: class.ilDelegatingHandler.php:113
ilDelegatingHandler\handle
handle()
Last missing method from HandlerInterface.
Definition: class.ilDelegatingHandler.php:86
ilDelegatingHandler\__construct
__construct(private readonly ilErrorHandling $error_handling, private readonly array $sensitive_data=[])
Definition: class.ilDelegatingHandler.php:42
ilDelegatingHandler
A Whoops error handler that delegates calls on it self to another handler that is created only in the...
Definition: class.ilDelegatingHandler.php:35
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:144
$_SERVER
$_SERVER['HTTP_HOST']
Definition: raiseError.php:26
$_COOKIE
$_COOKIE[session_name()]
Definition: xapitoken.php:54
ilDelegatingHandler\hideSensitiveData
hideSensitiveData(array $key_value_pairs)
Definition: class.ilDelegatingHandler.php:48