diff options
author | Frederic Guillot <fred@kanboard.net> | 2016-05-25 21:28:33 -0400 |
---|---|---|
committer | Frederic Guillot <fred@kanboard.net> | 2016-05-25 21:28:33 -0400 |
commit | 872dc79dbd8b04424520e32675a6e0dcb6ed44bc (patch) | |
tree | 46b08d77e39c09fd415e9c943931db0a03de7c99 | |
parent | 74a84a28e34f3c1c38631fb80cc74ab589a44298 (diff) |
Do not execute controller if the response is already sent
-rw-r--r-- | app/Core/Controller/Runner.php | 5 | ||||
-rw-r--r-- | app/Core/Http/Response.php | 14 | ||||
-rw-r--r-- | app/Middleware/BootstrapMiddleware.php | 2 |
3 files changed, 19 insertions, 2 deletions
diff --git a/app/Core/Controller/Runner.php b/app/Core/Controller/Runner.php index b973c098..8353cf69 100644 --- a/app/Core/Controller/Runner.php +++ b/app/Core/Controller/Runner.php @@ -26,7 +26,10 @@ class Runner extends Base { try { $this->executeMiddleware(); - $this->executeController(); + + if (!$this->response->isResponseAlreadySent()) { + $this->executeController(); + } } catch (PageNotFoundException $e) { $controllerObject = new AppController($this->container); $controllerObject->notFound($e->hasLayout()); diff --git a/app/Core/Http/Response.php b/app/Core/Http/Response.php index 1c5310d0..0f16fb65 100644 --- a/app/Core/Http/Response.php +++ b/app/Core/Http/Response.php @@ -16,6 +16,18 @@ class Response extends Base private $httpStatusCode = 200; private $httpHeaders = array(); private $httpBody = ''; + private $responseSent = false; + + /** + * Return true if the response have been sent to the user agent + * + * @access public + * @return bool + */ + public function isResponseAlreadySent() + { + return $this->responseSent; + } /** * Set HTTP status code @@ -187,6 +199,8 @@ class Response extends Base */ public function send() { + $this->responseSent = true; + if ($this->httpStatusCode !== 200) { header('Status: '.$this->httpStatusCode); header($this->request->getServerVariable('SERVER_PROTOCOL').' '.$this->httpStatusCode); diff --git a/app/Middleware/BootstrapMiddleware.php b/app/Middleware/BootstrapMiddleware.php index c9de1de9..727f600c 100644 --- a/app/Middleware/BootstrapMiddleware.php +++ b/app/Middleware/BootstrapMiddleware.php @@ -33,7 +33,7 @@ class BootstrapMiddleware extends BaseMiddleware $this->response->withContentSecurityPolicy($this->container['cspRules']); $this->response->withSecurityHeaders(); - if (ENABLE_XFRAME && $this->router->getAction() !== 'readonly') { + if (ENABLE_XFRAME) { $this->response->withXframe(); } |