Make API call permission checks more reliable
[friendica.git] / src / App.php
index f3f7429db0651014ebe52aa4f6942024b81c7ddc..a17fb3ec388cd64ab06175eb19b740279e308982 100644 (file)
@@ -24,6 +24,7 @@ namespace Friendica;
 use Exception;
 use Friendica\App\Arguments;
 use Friendica\App\BaseURL;
+use Friendica\Capabilities\ICanCreateResponses;
 use Friendica\Core\Config\Factory\Config;
 use Friendica\Module\Maintenance;
 use Friendica\Security\Authentication;
@@ -39,6 +40,7 @@ use Friendica\Model\Profile;
 use Friendica\Module\Special\HTTPException as ModuleHTTPException;
 use Friendica\Network\HTTPException;
 use Friendica\Util\DateTimeFormat;
+use Friendica\Util\HTTPInputData;
 use Friendica\Util\HTTPSignature;
 use Friendica\Util\Profiler;
 use Friendica\Util\Strings;
@@ -560,13 +562,15 @@ class App
         *
         * @param App\Router                  $router
         * @param IManagePersonalConfigValues $pconfig
-        * @param Authentication              $auth   The Authentication backend of the node
-        * @param App\Page                    $page   The Friendica page printing container
+        * @param Authentication              $auth       The Authentication backend of the node
+        * @param App\Page                    $page       The Friendica page printing container
+        * @param HTTPInputData               $httpInput  A library for processing PHP input streams
+        * @param float                       $start_time The start time of the overall script execution
         *
         * @throws HTTPException\InternalServerErrorException
         * @throws \ImagickException
         */
-       public function runFrontend(App\Router $router, IManagePersonalConfigValues $pconfig, Authentication $auth, App\Page $page, float $start_time)
+       public function runFrontend(App\Router $router, IManagePersonalConfigValues $pconfig, Authentication $auth, App\Page $page, HTTPInputData $httpInput, float $start_time)
        {
                $this->profiler->set($start_time, 'start');
                $this->profiler->set(microtime(true), 'classinit');
@@ -700,9 +704,17 @@ class App
                                $module = $router->getModule();
                        }
 
+                       // Processes data from GET requests
+                       $httpinput = $httpInput->process();
+                       $input     = array_merge($httpinput['variables'], $httpinput['files'], $request ?? $_REQUEST);
+
                        // Let the module run it's internal process (init, get, post, ...)
-                       $response = $module->run($_POST, $_REQUEST);
-                       $page->run($this, $this->baseURL, $this->args, $this->mode, $response, $this->l10n, $this->profiler, $this->config, $pconfig);
+                       $response = $module->run($input);
+                       if ($response->getHeaderLine(ICanCreateResponses::X_HEADER) === ICanCreateResponses::TYPE_HTML) {
+                               $page->run($this, $this->baseURL, $this->args, $this->mode, $response, $this->l10n, $this->profiler, $this->config, $pconfig);
+                       } else {
+                               $page->exit($response);
+                       }
                } catch (HTTPException $e) {
                        (new ModuleHTTPException())->rawContent($e);
                }
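Review bot: The `array_merge(...)` that builds `$input` flattens parsed body variables, uploaded-file entries and `$_REQUEST` into one array where the last source wins, so a request parameter can silently replace a same-named body variable or file entry, and the module can no longer tell where a value came from (before this change it received `$_POST` and `$_REQUEST` separately). Since modules may base permission decisions on these values, the precedence should be deliberate and stated, e.g. `// Precedence: $_REQUEST overrides parsed body variables and file entries on key collision`, or the file entries should stay under their own key instead of being merged. `$request` is not assigned anywhere in the visible lines, so `$request ?? $_REQUEST` appears to always resolve to `$_REQUEST`; this is worth confirming against the rest of `runFrontend`, which starts and continues outside this hunk. The comment `// Processes data from GET requests` also disagrees with the docblock's "processing PHP input streams", and `$httpinput` differs from the parameter `$httpInput` only by case, so a name like `$parsedInput` would be harder to misread.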