| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119 |
- <?php
- /*
- * This file is part of the Symfony package.
- *
- * (c) Fabien Potencier <fabien@symfony.com>
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
- namespace Symfony\Bridge\Twig\Extension;
- use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
- use Twig\Extension\AbstractExtension;
- use Twig\Node\Expression\ArrayExpression;
- use Twig\Node\Expression\ConstantExpression;
- use Twig\Node\Node;
- use Twig\TwigFunction;
- /**
- * Provides integration of the Routing component with Twig.
- *
- * @author Fabien Potencier <fabien@symfony.com>
- */
- class RoutingExtension extends AbstractExtension
- {
- private $generator;
- public function __construct(UrlGeneratorInterface $generator)
- {
- $this->generator = $generator;
- }
- /**
- * Returns a list of functions to add to the existing list.
- *
- * @return array An array of functions
- */
- public function getFunctions()
- {
- return array(
- new TwigFunction('url', array($this, 'getUrl'), array('is_safe_callback' => array($this, 'isUrlGenerationSafe'))),
- new TwigFunction('path', array($this, 'getPath'), array('is_safe_callback' => array($this, 'isUrlGenerationSafe'))),
- );
- }
- /**
- * @param string $name
- * @param array $parameters
- * @param bool $relative
- *
- * @return string
- */
- public function getPath($name, $parameters = array(), $relative = false)
- {
- return $this->generator->generate($name, $parameters, $relative ? UrlGeneratorInterface::RELATIVE_PATH : UrlGeneratorInterface::ABSOLUTE_PATH);
- }
- /**
- * @param string $name
- * @param array $parameters
- * @param bool $schemeRelative
- *
- * @return string
- */
- public function getUrl($name, $parameters = array(), $schemeRelative = false)
- {
- return $this->generator->generate($name, $parameters, $schemeRelative ? UrlGeneratorInterface::NETWORK_PATH : UrlGeneratorInterface::ABSOLUTE_URL);
- }
- /**
- * Determines at compile time whether the generated URL will be safe and thus
- * saving the unneeded automatic escaping for performance reasons.
- *
- * The URL generation process percent encodes non-alphanumeric characters. So there is no risk
- * that malicious/invalid characters are part of the URL. The only character within an URL that
- * must be escaped in html is the ampersand ("&") which separates query params. So we cannot mark
- * the URL generation as always safe, but only when we are sure there won't be multiple query
- * params. This is the case when there are none or only one constant parameter given.
- * E.g. we know beforehand this will be safe:
- * - path('route')
- * - path('route', {'param': 'value'})
- * But the following may not:
- * - path('route', var)
- * - path('route', {'param': ['val1', 'val2'] }) // a sub-array
- * - path('route', {'param1': 'value1', 'param2': 'value2'})
- * If param1 and param2 reference placeholder in the route, it would still be safe. But we don't know.
- *
- * @param Node $argsNode The arguments of the path/url function
- *
- * @return array An array with the contexts the URL is safe
- *
- * To be made @final in 3.4, and the type-hint be changed to "\Twig\Node\Node" in 4.0.
- */
- public function isUrlGenerationSafe(\Twig_Node $argsNode)
- {
- // support named arguments
- $paramsNode = $argsNode->hasNode('parameters') ? $argsNode->getNode('parameters') : (
- $argsNode->hasNode(1) ? $argsNode->getNode(1) : null
- );
- if (null === $paramsNode || $paramsNode instanceof ArrayExpression && count($paramsNode) <= 2 &&
- (!$paramsNode->hasNode(1) || $paramsNode->getNode(1) instanceof ConstantExpression)
- ) {
- return array('html');
- }
- return array();
- }
- /**
- * {@inheritdoc}
- */
- public function getName()
- {
- return 'routing';
- }
- }
|
