Gecko [ naturenectar.co.uk ]

Name	Size	Permission	Date
AbstractExtension.php	1.33 KB	-rw-r--r--	2025-05-08 04:26
AttributeExtension.php	6.56 KB	-rw-r--r--	2025-05-08 04:26
CoreExtension.php	71.5 KB	-rw-r--r--	2025-05-08 04:26
DebugExtension.php	1.59 KB	-rw-r--r--	2024-09-27 07:26
EscaperExtension.php	6.82 KB	-rw-r--r--	2025-05-08 04:26
ExtensionInterface.php	1.92 KB	-rw-r--r--	2025-05-08 04:26
GlobalsInterface.php	470 B	-rw-r--r--	2024-09-27 07:26
LastModifiedExtensionInterface.php	613 B	-rw-r--r--	2025-05-08 04:26
OptimizerExtension.php	539 B	-rw-r--r--	2024-09-27 07:26
ProfilerExtension.php	1.02 KB	-rw-r--r--	2024-09-27 07:26
RuntimeExtensionInterface.php	326 B	-rw-r--r--	2024-09-27 07:26
SandboxExtension.php	4.47 KB	-rw-r--r--	2025-05-08 04:26
StagingExtension.php	2.42 KB	-rw-r--r--	2024-09-27 07:26
StringLoaderExtension.php	1.01 KB	-rw-r--r--	2024-09-27 07:26
YieldNotReadyExtension.php	588 B	-rw-r--r--	2024-09-27 07:26

Rename

<?php

/*
 * This file is part of Twig.
 *
 * (c) Fabien Potencier
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Twig\Extension;

use Twig\NodeVisitor\SandboxNodeVisitor;
use Twig\Sandbox\SecurityNotAllowedMethodError;
use Twig\Sandbox\SecurityNotAllowedPropertyError;
use Twig\Sandbox\SecurityPolicyInterface;
use Twig\Sandbox\SourcePolicyInterface;
use Twig\Source;
use Twig\TokenParser\SandboxTokenParser;

final class SandboxExtension extends AbstractExtension
{
    private $sandboxedGlobally;
    private $sandboxed;
    private $policy;
    private $sourcePolicy;

public function __construct(SecurityPolicyInterface $policy, $sandboxed = false, ?SourcePolicyInterface $sourcePolicy = null)
    {
        $this->policy = $policy;
        $this->sandboxedGlobally = $sandboxed;
        $this->sourcePolicy = $sourcePolicy;
    }

public function getTokenParsers(): array
    {
        return [new SandboxTokenParser()];
    }

public function getNodeVisitors(): array
    {
        return [new SandboxNodeVisitor()];
    }

public function enableSandbox(): void
    {
        $this->sandboxed = true;
    }

public function disableSandbox(): void
    {
        $this->sandboxed = false;
    }

public function isSandboxed(?Source $source = null): bool
    {
        return $this->sandboxedGlobally || $this->sandboxed || $this->isSourceSandboxed($source);
    }

public function isSandboxedGlobally(): bool
    {
        return $this->sandboxedGlobally;
    }

private function isSourceSandboxed(?Source $source): bool
    {
        if (null === $source || null === $this->sourcePolicy) {
            return false;
        }

return $this->sourcePolicy->enableSandbox($source);
    }

public function setSecurityPolicy(SecurityPolicyInterface $policy): void
    {
        $this->policy = $policy;
    }

public function getSecurityPolicy(): SecurityPolicyInterface
    {
        return $this->policy;
    }

public function checkSecurity($tags, $filters, $functions, ?Source $source = null): void
    {
        if ($this->isSandboxed($source)) {
            $this->policy->checkSecurity($tags, $filters, $functions);
        }
    }

public function checkMethodAllowed($obj, $method, int $lineno = -1, ?Source $source = null): void
    {
        if ($this->isSandboxed($source)) {
            try {
                $this->policy->checkMethodAllowed($obj, $method);
            } catch (SecurityNotAllowedMethodError $e) {
                $e->setSourceContext($source);
                $e->setTemplateLine($lineno);

throw $e;
            }
        }
    }

public function checkPropertyAllowed($obj, $property, int $lineno = -1, ?Source $source = null): void
    {
        if ($this->isSandboxed($source)) {
            try {
                $this->policy->checkPropertyAllowed($obj, $property);
            } catch (SecurityNotAllowedPropertyError $e) {
                $e->setSourceContext($source);
                $e->setTemplateLine($lineno);

throw $e;
            }
        }
    }

/**
     * @throws SecurityNotAllowedMethodError
     */
    public function ensureToStringAllowed($obj, int $lineno = -1, ?Source $source = null)
    {
        if (\is_array($obj)) {
            $this->ensureToStringAllowedForArray($obj, $lineno, $source);

return $obj;
        }

if ($obj instanceof \Stringable && $this->isSandboxed($source)) {
            try {
                $this->policy->checkMethodAllowed($obj, '__toString');
            } catch (SecurityNotAllowedMethodError $e) {
                $e->setSourceContext($source);
                $e->setTemplateLine($lineno);

throw $e;
            }
        }

return $obj;
    }

private function ensureToStringAllowedForArray(array $obj, int $lineno, ?Source $source, array &$stack = []): void
    {
        foreach ($obj as $k => $v) {
            if (!$v) {
                continue;
            }

if (!\is_array($v)) {
                $this->ensureToStringAllowed($v, $lineno, $source);
                continue;
            }

if ($r = \ReflectionReference::fromArrayElement($obj, $k)) {
                if (isset($stack[$r->getId()])) {
                    continue;
                }

$stack[$r->getId()] = true;
            }

$this->ensureToStringAllowedForArray($v, $lineno, $source, $stack);
        }
    }
}