SameSiteCookieHotfixListener::onKernelRequest() - Code Metrics - Inspection of "SameSiteを正しく扱えないバージョンのSafariはサイト利用できないようにする" - kiy0taka/ec-cube - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — hotfix/samesite-cookie ( 25bbba...3603e5 )

by Kiyotaka

created 2020-02-05 10:28 UTC

SameSiteCookieHotfixListener::onKernelRequest() A

↳ Parent: SameSiteCookieHotfixListener

Complexity

Conditions	3
Paths	3

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	3
nc	3
nop	1
dl	0
loc	15
rs	9.7666
c	0
b	0
f	0

<?php

/*
 * This file is part of EC-CUBE
 *
 * Copyright(c) EC-CUBE CO.,LTD. All Rights Reserved.
 *
 * http://www.ec-cube.co.jp/
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Eccube\EventListener;

use Eccube\Request\Context;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;

/**
 * Safariの一部のバージョンでSameSite=Noneを正しく扱われないバグ対応.
 *
 * @see https://bugs.webkit.org/show_bug.cgi?id=198181
 */
class SameSiteCookieHotfixListener implements EventSubscriberInterface
{
    private static $TARGET_UA_PATTERNS = [
        '/^.*iPhone; CPU iPhone OS 1[0-2].*$/',
        '/^.*iPad; CPU OS 1[0-2].*$/',
        '/^.*iPod touch; CPU iPhone OS 1[0-2].*$/',
        '/^.*Macintosh; Intel Mac OS X.*Version\/1[0-2].*Safari.*$/',
    ];

    /**
     * @var Context
     */
    protected $requestContext;

    public function __construct(Context $requestContext)
    {
        $this->requestContext = $requestContext;
    }

    public function onKernelRequest(GetResponseEvent $event)
    {
        if (!$event->isMasterRequest()) {
            return;
        }

        $ua = $event->getRequest()->headers->get('User-Agent');
        $isUnsupported = array_filter(self::$TARGET_UA_PATTERNS, function ($pattern) use ($ua) {
            return preg_match($pattern, $ua);
        });

        if ($isUnsupported) {

            $event->setResponse(new Response('お使いのブラウザーではご利用いただけません。'));
        }
    }

    /**
     * {@inheritdoc}
     */
    public static function getSubscribedEvents()
    {
        return [
            'kernel.request' => ['onKernelRequest', 256],
        ];
    }
}


1			<?php
2
3			/*
4			* This file is part of EC-CUBE
5			*
6			* Copyright(c) EC-CUBE CO.,LTD. All Rights Reserved.
7			*
8			* http://www.ec-cube.co.jp/
9			*
10			* For the full copyright and license information, please view the LICENSE
11			* file that was distributed with this source code.
12			*/
13
14			namespace Eccube\EventListener;
15
16			use Eccube\Request\Context;
17			use Symfony\Component\EventDispatcher\EventSubscriberInterface;
18			use Symfony\Component\HttpFoundation\Response;
19			use Symfony\Component\HttpKernel\Event\GetResponseEvent;
20
21			/**
22			* Safariの一部のバージョンでSameSite=Noneを正しく扱われないバグ対応.
23			*
24			* @see https://bugs.webkit.org/show_bug.cgi?id=198181
25			*/
26			class SameSiteCookieHotfixListener implements EventSubscriberInterface
27			{
28			private static $TARGET_UA_PATTERNS = [
29			'/^.iPhone; CPU iPhone OS 1[0-2].$/',
30			'/^.iPad; CPU OS 1[0-2].$/',
31			'/^.iPod touch; CPU iPhone OS 1[0-2].$/',
32			'/^.Macintosh; Intel Mac OS X.Version\/1[0-2].Safari.$/',
33			];
34
35			/**
36			* @var Context
37			*/
38			protected $requestContext;
39
40			public function __construct(Context $requestContext)
41			{
42			$this->requestContext = $requestContext;
43			}
44
45			public function onKernelRequest(GetResponseEvent $event)
46			{
47			if (!$event->isMasterRequest()) {
48			return;
49			}
50
51			$ua = $event->getRequest()->headers->get('User-Agent');
52			$isUnsupported = array_filter(self::$TARGET_UA_PATTERNS, function ($pattern) use ($ua) {
53			return preg_match($pattern, $ua);
54			});
55
56			if ($isUnsupported) {
			0 ignored issues – show Bug Best Practice introduced 2020-02-05 10:34 UTC by Report Bug Copy Issue Report The expression `$isUnsupported` of type `array` is implicitly converted to a boolean; are you sure this is intended? If so, consider using `! empty($expr)` instead to make it clear that you intend to check for an array without elements. This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using `empty(..)` or `! empty(...)` instead. Loading history...
57			$event->setResponse(new Response('お使いのブラウザーではご利用いただけません。'));
58			}
59			}
60
61			/**
62			* {@inheritdoc}
63			*/
64			public static function getSubscribedEvents()
65			{
66			return [
67			'kernel.request' => ['onKernelRequest', 256],
68			];
69			}
70			}
71

kiy0taka / ec-cube

Push — hotfix/samesite-cookie ( 25bbba...3603e5 )

SameSiteCookieHotfixListener::onKernelRequest() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like