ILIAS  trunk Revision v11.0_alpha-3011-gc6b235a2e85
HttpPathBuilder.php
Go to the documentation of this file.
1<?php
2
19declare(strict_types=1);
20
21namespace ILIAS\Init\Environment;
22
23final class HttpPathBuilder
24{
28 public function __construct(
29 private readonly \ILIAS\Data\Factory $df,
30 private readonly \ilSetting $settings,
31 private readonly \ilHTTPS $https,
32 private readonly \ilIniFile $ini,
33 private readonly array|\ArrayAccess $server_data
34 ) {
35 }
36
37 public function build(): \ILIAS\Data\URI
38 {
39 $protocol = 'http://';
40 if ($this->https->isDetected()) {
41 $protocol = 'https://';
42 }
43 $host = $this->server_data['HTTP_HOST'];
44 $request_uri = strip_tags($this->server_data['REQUEST_URI']);
45
46 // security fix: this failed, if the URI contained "?" and following "/"
47 // -> we remove everything after "?"
48 if (\is_int($pos = strpos($request_uri, '?'))) {
49 $request_uri = substr($request_uri, 0, $pos);
50 }
51
52 if (\defined('ILIAS_MODULE')) {
53 // if in module remove module name from HTTP_PATH
54 $path = \dirname($request_uri);
55
56 // dirname cuts the last directory from a directory path e.g content/classes return content
57 $module = \ilFileUtils::removeTrailingPathSeparators(ILIAS_MODULE);
58
59 $dirs = explode('/', $module);
60 $uri = $path;
61 $uri = \dirname($uri, \count($dirs));
62 } else {
63 $path = pathinfo($request_uri);
64 if (($path['extension'] ?? '') !== '') {
65 $uri = \dirname($request_uri);
66 } else {
67 $uri = $request_uri;
68 }
69 }
70
71 $ilias_http_path = \ilContext::modifyHttpPath(implode('', [$protocol, $host, $uri]));
72
73 // remove everything after the first .php in the path
74 $ilias_http_path = preg_replace('@(http|https)(://)(.*?/.*?\.php).*@', '$1$2$3', $ilias_http_path);
75 $ilias_http_path = preg_replace('@goto.php/$@', '', $ilias_http_path);
76 $ilias_http_path = preg_replace('/goto.php$/', '', $ilias_http_path);
77 $ilias_http_path = preg_replace('@go/.*$@', '', $ilias_http_path);
78
79 $uri = $this->df->uri(\ilFileUtils::removeTrailingPathSeparators($ilias_http_path));
80
81 $ini_uri = $this->df->uri($this->ini->readVariable('server', 'http_path'));
82 $allowed_hosts = [
83 'localhost',
84 $ini_uri->getHost()
85 ];
86
87 if ($this->settings->get('soap_wsdl_path')) {
88 $soap_wsdl_uri = $this->df->uri($this->settings->get('soap_wsdl_path'));
89 $allowed_hosts = array_merge(
90 [$soap_wsdl_uri->getHost()],
91 $allowed_hosts
92 );
93 }
94
95 $allowed_hosts = array_merge(
96 array_filter(explode(',', $this->settings->get('allowed_hosts', ''))),
97 $allowed_hosts
98 );
99
100 if (!\in_array($uri->getHost(), $allowed_hosts, true)) {
101 throw new \RuntimeException('Request rejected, the given HTTP host is not in the "allowed_hosts" list');
102 }
103
104 return $uri;
105 }
106}
ILIAS\Data\Color\Factory
Builds a Color from either hex- or rgb values.
Definition: Factory.php:31
ILIAS\Data\URI
The scope of this class is split ilias-conform URI's into components.
Definition: URI.php:35
ILIAS\Init\Environment\HttpPathBuilder\__construct
__construct(private readonly \ILIAS\Data\Factory $df, private readonly \ilSetting $settings, private readonly \ilHTTPS $https, private readonly \ilIniFile $ini, private readonly array|\ArrayAccess $server_data)
Definition: HttpPathBuilder.php:28
ilContext\modifyHttpPath
static modifyHttpPath(string $httpPath)
Definition: class.ilContext.php:188
ilFileUtils\removeTrailingPathSeparators
static removeTrailingPathSeparators(string $path)
Definition: class.ilFileUtils.php:796
ilHTTPS
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilHTTPS.php:26
ilIniFile
INIFile Parser Early access in init proceess! Avoid further dependencies like logging or other servic...
Definition: class.ilIniFile.php:48
ilSetting
ILIAS Setting Class.
Definition: class.ilSetting.php:27
$path
$path
Definition: ltiservices.php:30
ILIAS
Interface Observer \BackgroundTasks Contains several chained tasks and infos about them.
Definition: AccessControl.php:21
ILIAS_MODULE
const ILIAS_MODULE
Definition: server.php:24