Skip to content

Commit bc112ae

Browse files
Add support to set trustxsendfilehader over framework configuration
1 parent f5a8916 commit bc112ae

File tree

10 files changed

+23
-1
lines changed

10 files changed

+23
-1
lines changed

src/Symfony/Bundle/FrameworkBundle/CHANGELOG.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@ CHANGELOG
88
* Load PHP configuration files by default in the `MicroKernelTrait`
99
* Add `cache:pool:invalidate-tags` command
1010
* Add `xliff` support in addition to `xlf` for `XliffFileDumper`
11+
* Add `trust_x_sendfile_type_header` option
1112

1213
6.0
1314
---

src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -81,6 +81,10 @@ public function getConfigTreeBuilder(): TreeBuilder
8181
->info("Set true to enable support for the '_method' request parameter to determine the intended HTTP method on POST requests. Note: When using the HttpCache, you need to call the method in your front controller instead")
8282
->defaultTrue()
8383
->end()
84+
->scalarNode('trust_x_sendfile_type_header')
85+
->info("Set true to enable support for xsendfile in binary file responses.")
86+
->defaultFalse()
87+
->end()
8488
->scalarNode('ide')->defaultValue('%env(default::SYMFONY_IDE)%')->end()
8589
->booleanNode('test')->end()
8690
->scalarNode('default_locale')->defaultValue('en')->end()

src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -327,6 +327,7 @@ public function load(array $configs, ContainerBuilder $container)
327327
}
328328

329329
$container->setParameter('kernel.http_method_override', $config['http_method_override']);
330+
$container->setParameter('kernel.trust_x_sendfile_type_header', $config['trust_x_sendfile_type_header']);
330331
$container->setParameter('kernel.trusted_hosts', $config['trusted_hosts']);
331332
$container->setParameter('kernel.default_locale', $config['default_locale']);
332333
$container->setParameter('kernel.enabled_locales', $config['enabled_locales']);

src/Symfony/Bundle/FrameworkBundle/FrameworkBundle.php

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,7 @@
4444
use Symfony\Component\EventDispatcher\DependencyInjection\RegisterListenersPass;
4545
use Symfony\Component\Form\DependencyInjection\FormPass;
4646
use Symfony\Component\HttpClient\DependencyInjection\HttpClientPass;
47+
use Symfony\Component\HttpFoundation\BinaryFileResponse;
4748
use Symfony\Component\HttpFoundation\Request;
4849
use Symfony\Component\HttpKernel\Bundle\Bundle;
4950
use Symfony\Component\HttpKernel\DependencyInjection\ControllerArgumentValueResolverPass;
@@ -94,6 +95,10 @@ public function boot()
9495
if ($this->container->getParameter('kernel.http_method_override')) {
9596
Request::enableHttpMethodParameterOverride();
9697
}
98+
99+
if ($this->container->getParameter('kernel.trust_x_sendfile_type_header')) {
100+
BinaryFileResponse::trustXSendfileTypeHeader();
101+
}
97102
}
98103

99104
public function build(ContainerBuilder $container)

src/Symfony/Bundle/FrameworkBundle/Resources/config/schema/symfony-1.0.xsd

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -42,6 +42,7 @@
4242
</xsd:choice>
4343

4444
<xsd:attribute name="http-method-override" type="xsd:boolean" />
45+
<xsd:attribute name="trust-x-sendfile-type-header" type="xsd:boolean" />
4546
<xsd:attribute name="ide" type="xsd:string" />
4647
<xsd:attribute name="secret" type="xsd:string" />
4748
<xsd:attribute name="default-locale" type="xsd:string" />

src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/ConfigurationTest.php

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -369,6 +369,7 @@ protected static function getBundleDefaultConfig()
369369
{
370370
return [
371371
'http_method_override' => true,
372+
'trust_x_sendfile_type_header' => false,
372373
'ide' => '%env(default::SYMFONY_IDE)%',
373374
'default_locale' => 'en',
374375
'enabled_locales' => [],

src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/php/full.php

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@
1111
],
1212
],
1313
'http_method_override' => false,
14+
'trust_x_sendfile_type_header' => true,
1415
'esi' => [
1516
'enabled' => true,
1617
],

src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/full.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@
66
xsi:schemaLocation="http://symfony.com/schema/dic/services https://symfony.com/schema/dic/services/services-1.0.xsd
77
http://symfony.com/schema/dic/symfony https://symfony.com/schema/dic/symfony/symfony-1.0.xsd">
88

9-
<framework:config secret="s3cr3t" ide="file%%link%%format" default-locale="fr" http-method-override="false">
9+
<framework:config secret="s3cr3t" ide="file%%link%%format" default-locale="fr" http-method-override="false" trust-x-sendfile-type-header="true">
1010
<framework:enabled-locale>fr</framework:enabled-locale>
1111
<framework:enabled-locale>en</framework:enabled-locale>
1212
<framework:csrf-protection />

src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/yml/full.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@ framework:
77
csrf_protection:
88
field_name: _csrf
99
http_method_override: false
10+
trust_x_sendfile_type_header: true
1011
esi:
1112
enabled: true
1213
ssi:

src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -174,6 +174,13 @@ public function testHttpMethodOverride()
174174
$this->assertFalse($container->getParameter('kernel.http_method_override'));
175175
}
176176

177+
public function testTrustXSendfileTypeHeader()
178+
{
179+
$container = $this->createContainerFromFile('full');
180+
181+
$this->assertTrue($container->getParameter('kernel.trust_x_sendfile_type_header'));
182+
}
183+
177184
public function testEsi()
178185
{
179186
$container = $this->createContainerFromFile('full');

0 commit comments

Comments
 (0)