xref: /webtrees/app/Http/Middleware/PublicFiles.php (revision 5202ba85a0d3fcfdf20064e682651a114e8388af) 
1<?php
2
3/**
4 * webtrees: online genealogy
5 * Copyright (C) 2023 webtrees development team
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <https://www.gnu.org/licenses/>.
16 */
17
18declare(strict_types=1);
19
20namespace Fisharebest\Webtrees\Http\Middleware;
21
22use Fig\Http\Message\StatusCodeInterface;
23use Fisharebest\Webtrees\Mime;
24use Fisharebest\Webtrees\Webtrees;
25use Psr\Http\Message\ResponseInterface;
26use Psr\Http\Message\ServerRequestInterface;
27use Psr\Http\Server\MiddlewareInterface;
28use Psr\Http\Server\RequestHandlerInterface;
29
30use function file_exists;
31use function file_get_contents;
32use function pathinfo;
33use function response;
34use function str_starts_with;
35use function strtoupper;
36
37use const PATHINFO_EXTENSION;
38
39/**
40 * Provide access to files in the folder /public, for cli-server requests and in case the web-server doesn't do this.
41 */
42class PublicFiles implements MiddlewareInterface
43{
44    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
45    {
46        $path = $request->getUri()->getPath();
47        if (str_starts_with($path, '/public/') && !str_contains($path, '..')) {
48            $file = Webtrees::ROOT_DIR . $path;
49
50            if (file_exists($file)) {
51                $content   = file_get_contents($file);
52                $extension = strtoupper(pathinfo($file, PATHINFO_EXTENSION));
53                $mime_type = Mime::TYPES[$extension] ?? Mime::DEFAULT_TYPE;
54
55                return response($content, StatusCodeInterface::STATUS_OK, [
56                    'cache-control' => 'public,max-age=31536000',
57                    'content-type'  => $mime_type,
58                ]);
59            }
60        }
61
62        return $handler->handle($request);
63    }
64}
65