Same name and namespace in other branches
  1. 8.9.x core/lib/Drupal/Core/EventSubscriber/RedirectLeadingSlashesSubscriber.php \Drupal\Core\EventSubscriber\RedirectLeadingSlashesSubscriber
  2. 9 core/lib/Drupal/Core/EventSubscriber/RedirectLeadingSlashesSubscriber.php \Drupal\Core\EventSubscriber\RedirectLeadingSlashesSubscriber

Redirects paths containing successive slashes to those with single slashes.

Hierarchy

Expanded class hierarchy of RedirectLeadingSlashesSubscriber

1 string reference to 'RedirectLeadingSlashesSubscriber'
core.services.yml in core/core.services.yml
core/core.services.yml
1 service uses RedirectLeadingSlashesSubscriber
redirect_leading_slashes_subscriber in core/core.services.yml
Drupal\Core\EventSubscriber\RedirectLeadingSlashesSubscriber

File

core/lib/Drupal/Core/EventSubscriber/RedirectLeadingSlashesSubscriber.php, line 13

Namespace

Drupal\Core\EventSubscriber
View source 
class RedirectLeadingSlashesSubscriber implements EventSubscriberInterface {

  /**
   * Redirects paths containing successive slashes to those with single slashes.
   *
   * @param \Symfony\Component\HttpKernel\Event\RequestEvent $event
   *   The RequestEvent to process.
   */
  public function redirect(RequestEvent $event) {
    $request = $event
      ->getRequest();

    // Get the requested path minus the base path.
    $path = $request
      ->getPathInfo();

    // It is impossible to create a link or a route to a path starting with
    // multiple leading slashes. However if a form is added to the 404 page that
    // submits back to the same URI this presents an open redirect
    // vulnerability. Also, Drupal 7 renders the same page for
    // http://www.example.org/foo and http://www.example.org////foo.
    if (str_contains($path, '//')) {
      $path = preg_replace('/\\/+/', '/', $path);
      $qs = $request
        ->getQueryString();
      if ($qs) {
        $qs = '?' . $qs;
      }
      $event
        ->setResponse(new CacheableRedirectResponse($request
        ->getUriForPath($path) . $qs));
    }
  }

  /**
   * {@inheritdoc}
   */
  public static function getSubscribedEvents() : array {
    $events[KernelEvents::REQUEST][] = [
      'redirect',
      1000,
    ];
    return $events;
  }

}

Members

Namesort descending Modifiers Type Description Overrides
RedirectLeadingSlashesSubscriber::getSubscribedEvents public static function
RedirectLeadingSlashesSubscriber::redirect public function Redirects paths containing successive slashes to those with single slashes.