class DisallowBasicAuthRequests
Same name in other branches
- 9 core/modules/basic_auth/src/PageCache/DisallowBasicAuthRequests.php \Drupal\basic_auth\PageCache\DisallowBasicAuthRequests
- 8.9.x core/modules/basic_auth/src/PageCache/DisallowBasicAuthRequests.php \Drupal\basic_auth\PageCache\DisallowBasicAuthRequests
- 11.x core/modules/basic_auth/src/PageCache/DisallowBasicAuthRequests.php \Drupal\basic_auth\PageCache\DisallowBasicAuthRequests
Cache policy for pages served from basic auth.
This policy disallows caching of requests that use basic_auth for security reasons. Otherwise responses for authenticated requests can get into the page cache and could be delivered to unprivileged users.
Hierarchy
- class \Drupal\basic_auth\PageCache\DisallowBasicAuthRequests implements \Drupal\Core\PageCache\RequestPolicyInterface
Expanded class hierarchy of DisallowBasicAuthRequests
1 string reference to 'DisallowBasicAuthRequests'
- basic_auth.services.yml in core/
modules/ basic_auth/ basic_auth.services.yml - core/modules/basic_auth/basic_auth.services.yml
1 service uses DisallowBasicAuthRequests
File
-
core/
modules/ basic_auth/ src/ PageCache/ DisallowBasicAuthRequests.php, line 15
Namespace
Drupal\basic_auth\PageCacheView source
class DisallowBasicAuthRequests implements RequestPolicyInterface {
/**
* {@inheritdoc}
*/
public function check(Request $request) {
$username = $request->headers
->get('PHP_AUTH_USER');
$password = $request->headers
->get('PHP_AUTH_PW');
if (isset($username) && isset($password)) {
return self::DENY;
}
}
}
Members
Title Sort descending | Modifiers | Object type | Summary |
---|---|---|---|
DisallowBasicAuthRequests::check | public | function |
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.