View GitHub Repository TalentCloud

Schedule Inspection
Subscribe
Passed
Push — feature/application-review-ui ( afbf92 )
by Chris
06:55
created

VerifyCsrfToken::addCookieToResponse()   A

↳ Parent: VerifyCsrfToken

Complexity

Conditions 2
Paths 2

Size

Total Lines 19
Code Lines 14

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
eloc 14
c 0
b 0
f 0
dl 0
loc 19
rs 9.7998
cc 2
nc 2
nop 2
1 
<?php
2 

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    3
                

                                    
                                                    
                
                
                
namespace App\Http\Middleware;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    4
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    5
                

                                    
                                                    
                
                
                
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    6
                

                                    
                                                    
                
                
                
use \Symfony\Component\HttpFoundation\Cookie;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    7
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    8
                

                                    
                                                    
                
                
                
class VerifyCsrfToken extends Middleware

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    9
                

                                    
                                                    
                
                
                
{

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    10
                

                                    
                                                    
                
                
                
    /**

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    11
                

                                    
                                                    
                
                
                
     * Indicates whether the XSRF-TOKEN cookie should be set on the response.

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    12
                

                                    
                                                    
                
                
                
     *

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    13
                

                                    
                                                    
                
                
                
     * @var boolean

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    14
                

                                    
                                                    
                
                
                
     */

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    15
                

                                    
                                                    
                
                
                
    protected $addHttpCookie = false;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    16
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    17
                

                                    
                                                    
                
                
                
    /**

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    18
                

                                    
                                                    
                
                
                
     * The URIs that should be excluded from CSRF verification.

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    19
                

                                    
                                                    
                
                
                
     *

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    20
                

                                    
                                                    
                
                
                
     * @var array

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    21
                

                                    
                                                    
                
                
                
     */

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    22
                

                                    
                                                    
                
                
                
    protected $except = [

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    23
                

                                    
                                                    
                
                
                
            ];

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    24
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    25
                

                                    
                                                    
                
                
                
    /**

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    26
                

                                    
                                                    
                
                
                
     * OVERRIDE to make adding XSRF-TOKEN cookie optional

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    27
                

                                    
                                                    
                
                
                
     *

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    28
                

                                    
                                                    
                
                
                
     * Add the CSRF token to the response cookies.

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    29
                

                                    
                                                    
                
                
                
     *

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    30
                

                                    
                                                    
                
                
                
     * @param  \Illuminate\Http\Request                   $request  Incoming request.

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    31
                

                                    
                                                    
                
                
                
     * @param  \Symfony\Component\HttpFoundation\Response $response Outgoing response.

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    32
                

                                    
                                                    
                
                
                
     * @return \Symfony\Component\HttpFoundation\Response

            


            
                                                                                                            
                                                                
            
                                    
            
            

                
                    33
                

                                    
                                                    
                
                
                
     */

            


            
                                                                        
                            
            
                                    
            
            

                
                    34
                

                                    
                                                    
                
                
                
    protected function addCookieToResponse($request, $response)

            


            
                                                                        
                            
            
                                    
            
            

                
                    35
                

                                    
                                                    
                
                
                
    {

            


            
                                                                        
                            
            
                                    
            
            

                
                    36
                

                                    
                                                    
                
                
                
        if ($this->addHttpCookie) {

            


            
                                                                        
                            
            
                                    
            
            

                
                    37
                

                                    
                                                    
                
                
                
            $config = config('session');

            


                            

                    
                        
                    
                    
                    
                    
                                                                                                    
                        

                            
                            
0 ignored issues
show
                        


                        

                                                                                        




    

        
            Bug
    
    
    
        introduced 
                            by 
            

        

        

            
        

        

            

                

                    
                
                
            


        

    

    

        
                        

                            
                        

                                        
The function config was not found. Maybe you did not declare it correctly or list all dependencies?
                                                                                                                                       (
                                     Ignorable by Annotation
                                )
                                

                                    
 If this is a false-positive, you can also ignore this issue in your code via the ignore-call   annotation

                                    

                                        

                                            37
                                            
                                                
            $config = /** @scrutinizer ignore-call */ config('session');

                                        

                                                                            

                                

                                                                        

                    
                                                    

                     Loading history...
                

                    


    




                                                                                    


                    		
                

            
                                                                        
                            
            
                                    
            
            

                
                    38
                

                                    
                                                    
                
                
                
            $response->headers->setCookie(

            


            
                                                                        
                            
            
                                    
            
            

                
                    39
                

                                    
                                                    
                
                
                
                new Cookie(

            


            
                                                                        
                            
            
                                    
            
            

                
                    40
                

                                    
                                                    
                
                
                
                    'XSRF-TOKEN',

            


            
                                                                        
                            
            
                                    
            
            

                
                    41
                

                                    
                                                    
                
                
                
                    $request->session()->token(),

            


            
                                                                        
                            
            
                                    
            
            

                
                    42
                

                                    
                                                    
                
                
                
                    $this->availableAt(60 * $config['lifetime']),

            


            
                                                                        
                            
            
                                    
            
            

                
                    43
                

                                    
                                                    
                
                
                
                    $config['path'],

            


            
                                                                        
                            
            
                                    
            
            

                
                    44
                

                                    
                                                    
                
                
                
                    $config['domain'],

            


            
                                                                        
                            
            
                                    
            
            

                
                    45
                

                                    
                                                    
                
                
                
                    $config['secure'],

            


            
                                                                        
                            
            
                                    
            
            

                
                    46
                

                                    
                                                    
                
                
                
                    false,

            


            
                                                                        
                            
            
                                    
            
            

                
                    47
                

                                    
                                                    
                
                
                
                    false,

            


            
                                                                        
                            
            
                                    
            
            

                
                    48
                

                                    
                                                    
                
                
                
                    $config['same_site'] ?? null

            


            
                                                                        
                            
            
                                    
            
            

                
                    49
                

                                    
                                                    
                
                
                
                )

            


            
                                                                        
                            
            
                                    
            
            

                
                    50
                

                                    
                                                    
                
                
                
            );

            


            
                                                                        
                            
            
                                    
            
            

                
                    51
                

                                    
                                                    
                
                
                
        }

            


            
                                                                        
                            
            
                                    
            
            

                
                    52
                

                                    
                                                    
                
                
                
            return $response;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    53
                

                                    
                                                    
                
                
                
    }

            


            
                                                                                                            
                                                                
            
                                    
            
            

                
                    54
                

                                    
                                                    
                
                
                
}

            


            
                                                        
            
                                    
            
            

                
                    55