src/EventListener/KernelEventListener.php line 59

Open in your IDE?
  1. <?php
  3. namespace App\EventListener;
  5. use App\Utils\ParameterBagUtil;
  6. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  7. use Symfony\Component\HttpFoundation\Request;
  8. use Symfony\Component\HttpFoundation\Response;
  9. use Symfony\Component\HttpKernel\Event\ExceptionEvent;
  10. use Symfony\Component\HttpKernel\Event\KernelEvent;
  11. use Symfony\Component\HttpKernel\Event\RequestEvent;
  12. use Symfony\Component\HttpKernel\Event\ResponseEvent;
  13. use Symfony\Component\HttpKernel\KernelEvents;
  15. class KernelEventListener implements EventSubscriberInterface
  16. {
  17.     public function __construct(
  18.         private ParameterBagUtil $parameterBagUtil
  19.     ) {
  21.     }
  22.     public static function getSubscribedEvents(): array
  23.     {
  24.         return [
  25.             KernelEvents::REQUEST => ['onKernelRequest'9999],
  26.             KernelEvents::RESPONSE => ['onKernelResponse'9999],
  27.             KernelEvents::EXCEPTION => ['onKernelException'9999]
  28.         ];
  29.     }
  31.     public function onKernelException(ExceptionEvent $event): void
  32.     {
  33.         $this->addCorsHeaders($event);
  34.     }
  36.     public function addCorsHeaders(KernelEvent $event): void
  37.     {
  38.         $response $event->getResponse();
  39.         if ($response) {
  40.             $allowOrigin $this->getAllowOrigin($event->getRequest());
  41.             if ($allowOrigin) {
  42.                 $response->headers->set('Access-Control-Allow-Origin'$allowOrigin);
  43.                 $response->headers->set('Access-Control-Allow-Methods''GET,POST,PUT,PATCH');
  44.                 $response->headers->set('Access-Control-Allow-Headers''Origin, content-type, accept');
  45.                 $response->headers->set('Access-Control-Allow-Credentials''true');
  46.             }
  47.         }
  48.     }
  50.     private function getAllowOrigin(Request $request): ?string
  51.     {
  52.         if(!$request->headers->has('Origin')) return null;
  53.         if(preg_match(ParameterBagUtil::$bag->get('cors.origin'), $request->headers->get('Origin'))) {
  54.             return $request->headers->get('Origin');
  55.         }
  56.         return null;
  57.     }
  59.     public function onKernelRequest(RequestEvent $event): void
  60.     {
  61.         // Don't do anything if it's not the master request.
  62.         if (!$event->isMainRequest()) {
  63.             return;
  64.         }
  66.         $request $event->getRequest();
  67.         $method $request->getRealMethod();
  69.         if (Request::METHOD_OPTIONS === $method) {
  70.             $response = new Response();
  71.             $event->setResponse($response);
  72.         }
  73.     }
  75.     public function onKernelResponse(ResponseEvent $event): void
  76.     {
  77.         // Don't do anything if it's not the master request.
  78.         if (!$event->isMainRequest()) {
  79.             return;
  80.         }
  82.         $this->addCorsHeaders($event);
  83.     }
  84. }