vendor/symfony/web-profiler-bundle/Controller/ProfilerController.php line 393

  1. <?php
  3. /*
  4.  * This file is part of the Symfony package.
  5.  *
  6.  * (c) Fabien Potencier <fabien@symfony.com>
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. namespace Symfony\Bundle\WebProfilerBundle\Controller;
  14. use Symfony\Bundle\FullStack;
  15. use Symfony\Bundle\WebProfilerBundle\Csp\ContentSecurityPolicyHandler;
  16. use Symfony\Bundle\WebProfilerBundle\Profiler\TemplateManager;
  17. use Symfony\Component\HttpFoundation\RedirectResponse;
  18. use Symfony\Component\HttpFoundation\Request;
  19. use Symfony\Component\HttpFoundation\Response;
  20. use Symfony\Component\HttpFoundation\Session\Flash\AutoExpireFlashBag;
  21. use Symfony\Component\HttpKernel\DataCollector\DumpDataCollector;
  22. use Symfony\Component\HttpKernel\DataCollector\ExceptionDataCollector;
  23. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  24. use Symfony\Component\HttpKernel\Profiler\Profiler;
  25. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  26. use Twig\Environment;
  28. /**
  29.  * @author Fabien Potencier <fabien@symfony.com>
  30.  *
  31.  * @internal
  32.  */
  33. class ProfilerController
  34. {
  35.     private $templateManager;
  36.     private $generator;
  37.     private $profiler;
  38.     private $twig;
  39.     private $templates;
  40.     private $cspHandler;
  41.     private $baseDir;
  43.     public function __construct(UrlGeneratorInterface $generatorProfiler $profiler nullEnvironment $twig, array $templatesContentSecurityPolicyHandler $cspHandler nullstring $baseDir null)
  44.     {
  45.         $this->generator $generator;
  46.         $this->profiler $profiler;
  47.         $this->twig $twig;
  48.         $this->templates $templates;
  49.         $this->cspHandler $cspHandler;
  50.         $this->baseDir $baseDir;
  51.     }
  53.     /**
  54.      * Redirects to the last profiles.
  55.      *
  56.      * @throws NotFoundHttpException
  57.      */
  58.     public function homeAction(): RedirectResponse
  59.     {
  60.         $this->denyAccessIfProfilerDisabled();
  62.         return new RedirectResponse($this->generator->generate('_profiler_search_results', ['token' => 'empty''limit' => 10]), 302, ['Content-Type' => 'text/html']);
  63.     }
  65.     /**
  66.      * Renders a profiler panel for the given token.
  67.      *
  68.      * @throws NotFoundHttpException
  69.      */
  70.     public function panelAction(Request $requeststring $token): Response
  71.     {
  72.         $this->denyAccessIfProfilerDisabled();
  74.         $this->cspHandler?->disableCsp();
  76.         $panel $request->query->get('panel');
  77.         $page $request->query->get('page''home');
  79.         if ('latest' === $token && $latest current($this->profiler->find(nullnull1nullnullnull))) {
  80.             $token $latest['token'];
  81.         }
  83.         if (!$profile $this->profiler->loadProfile($token)) {
  84.             return $this->renderWithCspNonces($request'@WebProfiler/Profiler/info.html.twig', ['about' => 'no_token''token' => $token'request' => $request]);
  85.         }
  87.         if (null === $panel) {
  88.             $panel 'request';
  90.             foreach ($profile->getCollectors() as $collector) {
  91.                 if ($collector instanceof ExceptionDataCollector && $collector->hasException()) {
  92.                     $panel $collector->getName();
  94.                     break;
  95.                 }
  97.                 if ($collector instanceof DumpDataCollector && $collector->getDumpsCount() > 0) {
  98.                     $panel $collector->getName();
  99.                 }
  100.             }
  101.         }
  103.         if (!$profile->hasCollector($panel)) {
  104.             throw new NotFoundHttpException(sprintf('Panel "%s" is not available for token "%s".'$panel$token));
  105.         }
  107.         return $this->renderWithCspNonces($request$this->getTemplateManager()->getName($profile$panel), [
  108.             'token' => $token,
  109.             'profile' => $profile,
  110.             'collector' => $profile->getCollector($panel),
  111.             'panel' => $panel,
  112.             'page' => $page,
  113.             'request' => $request,
  114.             'templates' => $this->getTemplateManager()->getNames($profile),
  115.             'is_ajax' => $request->isXmlHttpRequest(),
  116.             'profiler_markup_version' => 3// 1 = original profiler, 2 = Symfony 2.8+ profiler, 3 = Symfony 6.2+ profiler
  117.         ]);
  118.     }
  120.     /**
  121.      * Renders the Web Debug Toolbar.
  122.      *
  123.      * @throws NotFoundHttpException
  124.      */
  125.     public function toolbarAction(Request $requeststring $token null): Response
  126.     {
  127.         if (null === $this->profiler) {
  128.             throw new NotFoundHttpException('The profiler must be enabled.');
  129.         }
  131.         if ($request->hasSession() && ($session $request->getSession())->isStarted() && $session->getFlashBag() instanceof AutoExpireFlashBag) {
  132.             // keep current flashes for one more request if using AutoExpireFlashBag
  133.             $session->getFlashBag()->setAll($session->getFlashBag()->peekAll());
  134.         }
  136.         if ('empty' === $token || null === $token) {
  137.             return new Response(''200, ['Content-Type' => 'text/html']);
  138.         }
  140.         $this->profiler->disable();
  142.         if (!$profile $this->profiler->loadProfile($token)) {
  143.             return new Response(''404, ['Content-Type' => 'text/html']);
  144.         }
  146.         $url null;
  147.         try {
  148.             $url $this->generator->generate('_profiler', ['token' => $token], UrlGeneratorInterface::ABSOLUTE_URL);
  149.         } catch (\Exception) {
  150.             // the profiler is not enabled
  151.         }
  153.         return $this->renderWithCspNonces($request'@WebProfiler/Profiler/toolbar.html.twig', [
  154.             'full_stack' => class_exists(FullStack::class),
  155.             'request' => $request,
  156.             'profile' => $profile,
  157.             'templates' => $this->getTemplateManager()->getNames($profile),
  158.             'profiler_url' => $url,
  159.             'token' => $token,
  160.             'profiler_markup_version' => 3// 1 = original toolbar, 2 = Symfony 2.8+ profiler, 3 = Symfony 6.2+ profiler
  161.         ]);
  162.     }
  164.     /**
  165.      * Renders the profiler search bar.
  166.      *
  167.      * @throws NotFoundHttpException
  168.      */
  169.     public function searchBarAction(Request $request): Response
  170.     {
  171.         $this->denyAccessIfProfilerDisabled();
  173.         $this->cspHandler?->disableCsp();
  175.         if (!$request->hasSession()) {
  176.             $ip =
  177.             $method =
  178.             $statusCode =
  179.             $url =
  180.             $start =
  181.             $end =
  182.             $limit =
  183.             $token null;
  184.         } else {
  185.             $session $request->getSession();
  187.             $ip $request->query->get('ip'$session->get('_profiler_search_ip'));
  188.             $method $request->query->get('method'$session->get('_profiler_search_method'));
  189.             $statusCode $request->query->get('status_code'$session->get('_profiler_search_status_code'));
  190.             $url $request->query->get('url'$session->get('_profiler_search_url'));
  191.             $start $request->query->get('start'$session->get('_profiler_search_start'));
  192.             $end $request->query->get('end'$session->get('_profiler_search_end'));
  193.             $limit $request->query->get('limit'$session->get('_profiler_search_limit'));
  194.             $token $request->query->get('token'$session->get('_profiler_search_token'));
  195.         }
  197.         return new Response(
  198.             $this->twig->render('@WebProfiler/Profiler/search.html.twig', [
  199.                 'token' => $token,
  200.                 'ip' => $ip,
  201.                 'method' => $method,
  202.                 'status_code' => $statusCode,
  203.                 'url' => $url,
  204.                 'start' => $start,
  205.                 'end' => $end,
  206.                 'limit' => $limit,
  207.                 'request' => $request,
  208.                 'render_hidden_by_default' => false,
  209.             ]),
  210.             200,
  211.             ['Content-Type' => 'text/html']
  212.         );
  213.     }
  215.     /**
  216.      * Renders the search results.
  217.      *
  218.      * @throws NotFoundHttpException
  219.      */
  220.     public function searchResultsAction(Request $requeststring $token): Response
  221.     {
  222.         $this->denyAccessIfProfilerDisabled();
  224.         $this->cspHandler?->disableCsp();
  226.         $profile $this->profiler->loadProfile($token);
  228.         $ip $request->query->get('ip');
  229.         $method $request->query->get('method');
  230.         $statusCode $request->query->get('status_code');
  231.         $url $request->query->get('url');
  232.         $start $request->query->get('start'null);
  233.         $end $request->query->get('end'null);
  234.         $limit $request->query->get('limit');
  236.         return $this->renderWithCspNonces($request'@WebProfiler/Profiler/results.html.twig', [
  237.             'request' => $request,
  238.             'token' => $token,
  239.             'profile' => $profile,
  240.             'tokens' => $this->profiler->find($ip$url$limit$method$start$end$statusCode),
  241.             'ip' => $ip,
  242.             'method' => $method,
  243.             'status_code' => $statusCode,
  244.             'url' => $url,
  245.             'start' => $start,
  246.             'end' => $end,
  247.             'limit' => $limit,
  248.             'panel' => null,
  249.         ]);
  250.     }
  252.     /**
  253.      * Narrows the search bar.
  254.      *
  255.      * @throws NotFoundHttpException
  256.      */
  257.     public function searchAction(Request $request): Response
  258.     {
  259.         $this->denyAccessIfProfilerDisabled();
  261.         $ip $request->query->get('ip');
  262.         $method $request->query->get('method');
  263.         $statusCode $request->query->get('status_code');
  264.         $url $request->query->get('url');
  265.         $start $request->query->get('start'null);
  266.         $end $request->query->get('end'null);
  267.         $limit $request->query->get('limit');
  268.         $token $request->query->get('token');
  270.         if ($request->hasSession()) {
  271.             $session $request->getSession();
  273.             $session->set('_profiler_search_ip'$ip);
  274.             $session->set('_profiler_search_method'$method);
  275.             $session->set('_profiler_search_status_code'$statusCode);
  276.             $session->set('_profiler_search_url'$url);
  277.             $session->set('_profiler_search_start'$start);
  278.             $session->set('_profiler_search_end'$end);
  279.             $session->set('_profiler_search_limit'$limit);
  280.             $session->set('_profiler_search_token'$token);
  281.         }
  283.         if (!empty($token)) {
  284.             return new RedirectResponse($this->generator->generate('_profiler', ['token' => $token]), 302, ['Content-Type' => 'text/html']);
  285.         }
  287.         $tokens $this->profiler->find($ip$url$limit$method$start$end$statusCode);
  289.         return new RedirectResponse($this->generator->generate('_profiler_search_results', [
  290.             'token' => $tokens $tokens[0]['token'] : 'empty',
  291.             'ip' => $ip,
  292.             'method' => $method,
  293.             'status_code' => $statusCode,
  294.             'url' => $url,
  295.             'start' => $start,
  296.             'end' => $end,
  297.             'limit' => $limit,
  298.         ]), 302, ['Content-Type' => 'text/html']);
  299.     }
  301.     /**
  302.      * Displays the PHP info.
  303.      *
  304.      * @throws NotFoundHttpException
  305.      */
  306.     public function phpinfoAction(): Response
  307.     {
  308.         $this->denyAccessIfProfilerDisabled();
  310.         $this->cspHandler?->disableCsp();
  312.         ob_start();
  313.         phpinfo();
  314.         $phpinfo ob_get_clean();
  316.         return new Response($phpinfo200, ['Content-Type' => 'text/html']);
  317.     }
  319.     /**
  320.      * Displays the Xdebug info.
  321.      *
  322.      * @throws NotFoundHttpException
  323.      */
  324.     public function xdebugAction(): Response
  325.     {
  326.         $this->denyAccessIfProfilerDisabled();
  328.         if (!\function_exists('xdebug_info')) {
  329.             throw new NotFoundHttpException('Xdebug must be installed in version 3.');
  330.         }
  332.         $this->cspHandler?->disableCsp();
  334.         ob_start();
  335.         xdebug_info();
  336.         $xdebugInfo ob_get_clean();
  338.         return new Response($xdebugInfo200, ['Content-Type' => 'text/html']);
  339.     }
  341.     /**
  342.      * Displays the source of a file.
  343.      *
  344.      * @throws NotFoundHttpException
  345.      */
  346.     public function openAction(Request $request): Response
  347.     {
  348.         if (null === $this->baseDir) {
  349.             throw new NotFoundHttpException('The base dir should be set.');
  350.         }
  352.         $this->profiler?->disable();
  354.         $file $request->query->get('file');
  355.         $line $request->query->get('line');
  357.         $filename $this->baseDir.\DIRECTORY_SEPARATOR.$file;
  359.         if (preg_match("'(^|[/\\\\])\.'"$file) || !is_readable($filename)) {
  360.             throw new NotFoundHttpException(sprintf('The file "%s" cannot be opened.'$file));
  361.         }
  363.         return $this->renderWithCspNonces($request'@WebProfiler/Profiler/open.html.twig', [
  364.             'file_info' => new \SplFileInfo($filename),
  365.             'file' => $file,
  366.             'line' => $line,
  367.         ]);
  368.     }
  370.     protected function getTemplateManager(): TemplateManager
  371.     {
  372.         return $this->templateManager ??= new TemplateManager($this->profiler$this->twig$this->templates);
  373.     }
  375.     private function denyAccessIfProfilerDisabled()
  376.     {
  377.         if (null === $this->profiler) {
  378.             throw new NotFoundHttpException('The profiler must be enabled.');
  379.         }
  381.         $this->profiler->disable();
  382.     }
  384.     private function renderWithCspNonces(Request $requeststring $template, array $variablesint $code 200, array $headers = ['Content-Type' => 'text/html']): Response
  385.     {
  386.         $response = new Response(''$code$headers);
  388.         $nonces $this->cspHandler $this->cspHandler->getNonces($request$response) : [];
  390.         $variables['csp_script_nonce'] = $nonces['csp_script_nonce'] ?? null;
  391.         $variables['csp_style_nonce'] = $nonces['csp_style_nonce'] ?? null;
  393.         $response->setContent($this->twig->render($template$variables));
  395.         return $response;
  396.     }
  397. }