vendor/symfony/web-profiler-bundle/Controller/ProfilerController.php line 109

Open in your IDE?
  1. <?php
  3. /*
  4. * This file is part of the Symfony package.
  5. *
  6. * (c) Fabien Potencier <fabien@symfony.com>
  7. *
  8. * For the full copyright and license information, please view the LICENSE
  9. * file that was distributed with this source code.
  10. */
  12. namespace Symfony\Bundle\WebProfilerBundle\Controller;
  14. use Symfony\Bundle\FullStack;
  15. use Symfony\Bundle\WebProfilerBundle\Csp\ContentSecurityPolicyHandler;
  16. use Symfony\Bundle\WebProfilerBundle\Profiler\TemplateManager;
  17. use Symfony\Component\HttpFoundation\RedirectResponse;
  18. use Symfony\Component\HttpFoundation\Request;
  19. use Symfony\Component\HttpFoundation\Response;
  20. use Symfony\Component\HttpFoundation\Session\Flash\AutoExpireFlashBag;
  21. use Symfony\Component\HttpKernel\DataCollector\DumpDataCollector;
  22. use Symfony\Component\HttpKernel\DataCollector\ExceptionDataCollector;
  23. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  24. use Symfony\Component\HttpKernel\Profiler\Profiler;
  25. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  26. use Twig\Environment;
  28. /**
  29. * @author Fabien Potencier <fabien@symfony.com>
  30. *
  31. * @internal
  32. */
  33. class ProfilerController
  34. {
  35. private $templateManager;
  36. private $generator;
  37. private $profiler;
  38. private $twig;
  39. private $templates;
  40. private $cspHandler;
  41. private $baseDir;
  43. public function __construct(UrlGeneratorInterface $generator, ?Profiler $profiler, Environment $twig, array $templates, ?ContentSecurityPolicyHandler $cspHandler = null, ?string $baseDir = null)
  44. {
  45. $this->generator = $generator;
  46. $this->profiler = $profiler;
  47. $this->twig = $twig;
  48. $this->templates = $templates;
  49. $this->cspHandler = $cspHandler;
  50. $this->baseDir = $baseDir;
  51. }
  53. /**
  54. * Redirects to the last profiles.
  55. *
  56. * @throws NotFoundHttpException
  57. */
  58. public function homeAction(): RedirectResponse
  59. {
  60. $this->denyAccessIfProfilerDisabled();
  62. return new RedirectResponse($this->generator->generate('_profiler_search_results', ['token' => 'empty', 'limit' => 10]), 302, ['Content-Type' => 'text/html']);
  63. }
  65. /**
  66. * Renders a profiler panel for the given token.
  67. *
  68. * @throws NotFoundHttpException
  69. */
  70. public function panelAction(Request $request, string $token): Response
  71. {
  72. $this->denyAccessIfProfilerDisabled();
  74. if (null !== $this->cspHandler) {
  75. $this->cspHandler->disableCsp();
  76. }
  78. $panel = $request->query->get('panel');
  79. $page = $request->query->get('page', 'home');
  81. if ('latest' === $token && $latest = current($this->profiler->find(null, null, 1, null, null, null))) {
  82. $token = $latest['token'];
  83. }
  85. if (!$profile = $this->profiler->loadProfile($token)) {
  86. return $this->renderWithCspNonces($request, '@WebProfiler/Profiler/info.html.twig', ['about' => 'no_token', 'token' => $token, 'request' => $request]);
  87. }
  89. if (null === $panel) {
  90. $panel = 'request';
  92. foreach ($profile->getCollectors() as $collector) {
  93. if ($collector instanceof ExceptionDataCollector && $collector->hasException()) {
  94. $panel = $collector->getName();
  96. break;
  97. }
  99. if ($collector instanceof DumpDataCollector && $collector->getDumpsCount() > 0) {
  100. $panel = $collector->getName();
  101. }
  102. }
  103. }
  105. if (!$profile->hasCollector($panel)) {
  106. throw new NotFoundHttpException(sprintf('Panel "%s" is not available for token "%s".', $panel, $token));
  107. }
  109. return $this->renderWithCspNonces($request, $this->getTemplateManager()->getName($profile, $panel), [
  110. 'token' => $token,
  111. 'profile' => $profile,
  112. 'collector' => $profile->getCollector($panel),
  113. 'panel' => $panel,
  114. 'page' => $page,
  115. 'request' => $request,
  116. 'templates' => $this->getTemplateManager()->getNames($profile),
  117. 'is_ajax' => $request->isXmlHttpRequest(),
  118. 'profiler_markup_version' => 2, // 1 = original profiler, 2 = Symfony 2.8+ profiler
  119. ]);
  120. }
  122. /**
  123. * Renders the Web Debug Toolbar.
  124. *
  125. * @throws NotFoundHttpException
  126. */
  127. public function toolbarAction(Request $request, ?string $token = null): Response
  128. {
  129. if (null === $this->profiler) {
  130. throw new NotFoundHttpException('The profiler must be enabled.');
  131. }
  133. if ($request->hasSession() && ($session = $request->getSession())->isStarted() && $session->getFlashBag() instanceof AutoExpireFlashBag) {
  134. // keep current flashes for one more request if using AutoExpireFlashBag
  135. $session->getFlashBag()->setAll($session->getFlashBag()->peekAll());
  136. }
  138. if ('empty' === $token || null === $token) {
  139. return new Response('', 200, ['Content-Type' => 'text/html']);
  140. }
  142. $this->profiler->disable();
  144. if (!$profile = $this->profiler->loadProfile($token)) {
  145. return new Response('', 404, ['Content-Type' => 'text/html']);
  146. }
  148. $url = null;
  149. try {
  150. $url = $this->generator->generate('_profiler', ['token' => $token], UrlGeneratorInterface::ABSOLUTE_URL);
  151. } catch (\Exception $e) {
  152. // the profiler is not enabled
  153. }
  155. return $this->renderWithCspNonces($request, '@WebProfiler/Profiler/toolbar.html.twig', [
  156. 'full_stack' => class_exists(FullStack::class),
  157. 'request' => $request,
  158. 'profile' => $profile,
  159. 'templates' => $this->getTemplateManager()->getNames($profile),
  160. 'profiler_url' => $url,
  161. 'token' => $token,
  162. 'profiler_markup_version' => 2, // 1 = original toolbar, 2 = Symfony 2.8+ toolbar
  163. ]);
  164. }
  166. /**
  167. * Renders the profiler search bar.
  168. *
  169. * @throws NotFoundHttpException
  170. */
  171. public function searchBarAction(Request $request): Response
  172. {
  173. $this->denyAccessIfProfilerDisabled();
  175. if (null !== $this->cspHandler) {
  176. $this->cspHandler->disableCsp();
  177. }
  179. if (!$request->hasSession()) {
  180. $ip =
  181. $method =
  182. $statusCode =
  183. $url =
  184. $start =
  185. $end =
  186. $limit =
  187. $token = null;
  188. } else {
  189. $session = $request->getSession();
  191. $ip = $request->query->get('ip', $session->get('_profiler_search_ip'));
  192. $method = $request->query->get('method', $session->get('_profiler_search_method'));
  193. $statusCode = $request->query->get('status_code', $session->get('_profiler_search_status_code'));
  194. $url = $request->query->get('url', $session->get('_profiler_search_url'));
  195. $start = $request->query->get('start', $session->get('_profiler_search_start'));
  196. $end = $request->query->get('end', $session->get('_profiler_search_end'));
  197. $limit = $request->query->get('limit', $session->get('_profiler_search_limit'));
  198. $token = $request->query->get('token', $session->get('_profiler_search_token'));
  199. }
  201. return new Response(
  202. $this->twig->render('@WebProfiler/Profiler/search.html.twig', [
  203. 'token' => $token,
  204. 'ip' => $ip,
  205. 'method' => $method,
  206. 'status_code' => $statusCode,
  207. 'url' => $url,
  208. 'start' => $start,
  209. 'end' => $end,
  210. 'limit' => $limit,
  211. 'request' => $request,
  212. ]),
  213. 200,
  214. ['Content-Type' => 'text/html']
  215. );
  216. }
  218. /**
  219. * Renders the search results.
  220. *
  221. * @throws NotFoundHttpException
  222. */
  223. public function searchResultsAction(Request $request, string $token): Response
  224. {
  225. $this->denyAccessIfProfilerDisabled();
  227. if (null !== $this->cspHandler) {
  228. $this->cspHandler->disableCsp();
  229. }
  231. $profile = $this->profiler->loadProfile($token);
  233. $ip = $request->query->get('ip');
  234. $method = $request->query->get('method');
  235. $statusCode = $request->query->get('status_code');
  236. $url = $request->query->get('url');
  237. $start = $request->query->get('start', null);
  238. $end = $request->query->get('end', null);
  239. $limit = $request->query->get('limit');
  241. return $this->renderWithCspNonces($request, '@WebProfiler/Profiler/results.html.twig', [
  242. 'request' => $request,
  243. 'token' => $token,
  244. 'profile' => $profile,
  245. 'tokens' => $this->profiler->find($ip, $url, $limit, $method, $start, $end, $statusCode),
  246. 'ip' => $ip,
  247. 'method' => $method,
  248. 'status_code' => $statusCode,
  249. 'url' => $url,
  250. 'start' => $start,
  251. 'end' => $end,
  252. 'limit' => $limit,
  253. 'panel' => null,
  254. ]);
  255. }
  257. /**
  258. * Narrows the search bar.
  259. *
  260. * @throws NotFoundHttpException
  261. */
  262. public function searchAction(Request $request): Response
  263. {
  264. $this->denyAccessIfProfilerDisabled();
  266. $ip = $request->query->get('ip');
  267. $method = $request->query->get('method');
  268. $statusCode = $request->query->get('status_code');
  269. $url = $request->query->get('url');
  270. $start = $request->query->get('start', null);
  271. $end = $request->query->get('end', null);
  272. $limit = $request->query->get('limit');
  273. $token = $request->query->get('token');
  275. if ($request->hasSession()) {
  276. $session = $request->getSession();
  278. $session->set('_profiler_search_ip', $ip);
  279. $session->set('_profiler_search_method', $method);
  280. $session->set('_profiler_search_status_code', $statusCode);
  281. $session->set('_profiler_search_url', $url);
  282. $session->set('_profiler_search_start', $start);
  283. $session->set('_profiler_search_end', $end);
  284. $session->set('_profiler_search_limit', $limit);
  285. $session->set('_profiler_search_token', $token);
  286. }
  288. if (!empty($token)) {
  289. return new RedirectResponse($this->generator->generate('_profiler', ['token' => $token]), 302, ['Content-Type' => 'text/html']);
  290. }
  292. $tokens = $this->profiler->find($ip, $url, $limit, $method, $start, $end, $statusCode);
  294. return new RedirectResponse($this->generator->generate('_profiler_search_results', [
  295. 'token' => $tokens ? $tokens[0]['token'] : 'empty',
  296. 'ip' => $ip,
  297. 'method' => $method,
  298. 'status_code' => $statusCode,
  299. 'url' => $url,
  300. 'start' => $start,
  301. 'end' => $end,
  302. 'limit' => $limit,
  303. ]), 302, ['Content-Type' => 'text/html']);
  304. }
  306. /**
  307. * Displays the PHP info.
  308. *
  309. * @throws NotFoundHttpException
  310. */
  311. public function phpinfoAction(): Response
  312. {
  313. $this->denyAccessIfProfilerDisabled();
  315. if (null !== $this->cspHandler) {
  316. $this->cspHandler->disableCsp();
  317. }
  319. ob_start();
  320. phpinfo();
  321. $phpinfo = ob_get_clean();
  323. return new Response($phpinfo, 200, ['Content-Type' => 'text/html']);
  324. }
  326. /**
  327. * Displays the source of a file.
  328. *
  329. * @throws NotFoundHttpException
  330. */
  331. public function openAction(Request $request): Response
  332. {
  333. if (null === $this->baseDir) {
  334. throw new NotFoundHttpException('The base dir should be set.');
  335. }
  337. if ($this->profiler) {
  338. $this->profiler->disable();
  339. }
  341. $file = $request->query->get('file');
  342. $line = $request->query->get('line');
  344. $filename = $this->baseDir.\DIRECTORY_SEPARATOR.$file;
  346. if (preg_match("'(^|[/\\\\])\.'", $file) || !is_readable($filename)) {
  347. throw new NotFoundHttpException(sprintf('The file "%s" cannot be opened.', $file));
  348. }
  350. return $this->renderWithCspNonces($request, '@WebProfiler/Profiler/open.html.twig', [
  351. 'filename' => $filename,
  352. 'file' => $file,
  353. 'line' => $line,
  354. ]);
  355. }
  357. /**
  358. * Gets the Template Manager.
  359. */
  360. protected function getTemplateManager(): TemplateManager
  361. {
  362. if (null === $this->templateManager) {
  363. $this->templateManager = new TemplateManager($this->profiler, $this->twig, $this->templates);
  364. }
  366. return $this->templateManager;
  367. }
  369. private function denyAccessIfProfilerDisabled()
  370. {
  371. if (null === $this->profiler) {
  372. throw new NotFoundHttpException('The profiler must be enabled.');
  373. }
  375. $this->profiler->disable();
  376. }
  378. private function renderWithCspNonces(Request $request, string $template, array $variables, int $code = 200, array $headers = ['Content-Type' => 'text/html']): Response
  379. {
  380. $response = new Response('', $code, $headers);
  382. $nonces = $this->cspHandler ? $this->cspHandler->getNonces($request, $response) : [];
  384. $variables['csp_script_nonce'] = $nonces['csp_script_nonce'] ?? null;
  385. $variables['csp_style_nonce'] = $nonces['csp_style_nonce'] ?? null;
  387. $response->setContent($this->twig->render($template, $variables));
  389. return $response;
  390. }
  391. }