Response.php 39 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308
  1. <?php
  2. /*
  3. * This file is part of the Symfony package.
  4. *
  5. * (c) Fabien Potencier <fabien@symfony.com>
  6. *
  7. * For the full copyright and license information, please view the LICENSE
  8. * file that was distributed with this source code.
  9. */
  10. namespace Symfony\Component\HttpFoundation;
  11. /**
  12. * Response represents an HTTP response.
  13. *
  14. * @author Fabien Potencier <fabien@symfony.com>
  15. */
  16. class Response
  17. {
  18. const HTTP_CONTINUE = 100;
  19. const HTTP_SWITCHING_PROTOCOLS = 101;
  20. const HTTP_PROCESSING = 102; // RFC2518
  21. const HTTP_EARLY_HINTS = 103; // RFC8297
  22. const HTTP_OK = 200;
  23. const HTTP_CREATED = 201;
  24. const HTTP_ACCEPTED = 202;
  25. const HTTP_NON_AUTHORITATIVE_INFORMATION = 203;
  26. const HTTP_NO_CONTENT = 204;
  27. const HTTP_RESET_CONTENT = 205;
  28. const HTTP_PARTIAL_CONTENT = 206;
  29. const HTTP_MULTI_STATUS = 207; // RFC4918
  30. const HTTP_ALREADY_REPORTED = 208; // RFC5842
  31. const HTTP_IM_USED = 226; // RFC3229
  32. const HTTP_MULTIPLE_CHOICES = 300;
  33. const HTTP_MOVED_PERMANENTLY = 301;
  34. const HTTP_FOUND = 302;
  35. const HTTP_SEE_OTHER = 303;
  36. const HTTP_NOT_MODIFIED = 304;
  37. const HTTP_USE_PROXY = 305;
  38. const HTTP_RESERVED = 306;
  39. const HTTP_TEMPORARY_REDIRECT = 307;
  40. const HTTP_PERMANENTLY_REDIRECT = 308; // RFC7238
  41. const HTTP_BAD_REQUEST = 400;
  42. const HTTP_UNAUTHORIZED = 401;
  43. const HTTP_PAYMENT_REQUIRED = 402;
  44. const HTTP_FORBIDDEN = 403;
  45. const HTTP_NOT_FOUND = 404;
  46. const HTTP_METHOD_NOT_ALLOWED = 405;
  47. const HTTP_NOT_ACCEPTABLE = 406;
  48. const HTTP_PROXY_AUTHENTICATION_REQUIRED = 407;
  49. const HTTP_REQUEST_TIMEOUT = 408;
  50. const HTTP_CONFLICT = 409;
  51. const HTTP_GONE = 410;
  52. const HTTP_LENGTH_REQUIRED = 411;
  53. const HTTP_PRECONDITION_FAILED = 412;
  54. const HTTP_REQUEST_ENTITY_TOO_LARGE = 413;
  55. const HTTP_REQUEST_URI_TOO_LONG = 414;
  56. const HTTP_UNSUPPORTED_MEDIA_TYPE = 415;
  57. const HTTP_REQUESTED_RANGE_NOT_SATISFIABLE = 416;
  58. const HTTP_EXPECTATION_FAILED = 417;
  59. const HTTP_I_AM_A_TEAPOT = 418; // RFC2324
  60. const HTTP_MISDIRECTED_REQUEST = 421; // RFC7540
  61. const HTTP_UNPROCESSABLE_ENTITY = 422; // RFC4918
  62. const HTTP_LOCKED = 423; // RFC4918
  63. const HTTP_FAILED_DEPENDENCY = 424; // RFC4918
  64. /**
  65. * @deprecated
  66. */
  67. const HTTP_RESERVED_FOR_WEBDAV_ADVANCED_COLLECTIONS_EXPIRED_PROPOSAL = 425; // RFC2817
  68. const HTTP_TOO_EARLY = 425; // RFC-ietf-httpbis-replay-04
  69. const HTTP_UPGRADE_REQUIRED = 426; // RFC2817
  70. const HTTP_PRECONDITION_REQUIRED = 428; // RFC6585
  71. const HTTP_TOO_MANY_REQUESTS = 429; // RFC6585
  72. const HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE = 431; // RFC6585
  73. const HTTP_UNAVAILABLE_FOR_LEGAL_REASONS = 451;
  74. const HTTP_INTERNAL_SERVER_ERROR = 500;
  75. const HTTP_NOT_IMPLEMENTED = 501;
  76. const HTTP_BAD_GATEWAY = 502;
  77. const HTTP_SERVICE_UNAVAILABLE = 503;
  78. const HTTP_GATEWAY_TIMEOUT = 504;
  79. const HTTP_VERSION_NOT_SUPPORTED = 505;
  80. const HTTP_VARIANT_ALSO_NEGOTIATES_EXPERIMENTAL = 506; // RFC2295
  81. const HTTP_INSUFFICIENT_STORAGE = 507; // RFC4918
  82. const HTTP_LOOP_DETECTED = 508; // RFC5842
  83. const HTTP_NOT_EXTENDED = 510; // RFC2774
  84. const HTTP_NETWORK_AUTHENTICATION_REQUIRED = 511; // RFC6585
  85. /**
  86. * @var \Symfony\Component\HttpFoundation\ResponseHeaderBag
  87. */
  88. public $headers;
  89. /**
  90. * @var string
  91. */
  92. protected $content;
  93. /**
  94. * @var string
  95. */
  96. protected $version;
  97. /**
  98. * @var int
  99. */
  100. protected $statusCode;
  101. /**
  102. * @var string
  103. */
  104. protected $statusText;
  105. /**
  106. * @var string
  107. */
  108. protected $charset;
  109. /**
  110. * Status codes translation table.
  111. *
  112. * The list of codes is complete according to the
  113. * {@link http://www.iana.org/assignments/http-status-codes/ Hypertext Transfer Protocol (HTTP) Status Code Registry}
  114. * (last updated 2016-03-01).
  115. *
  116. * Unless otherwise noted, the status code is defined in RFC2616.
  117. *
  118. * @var array
  119. */
  120. public static $statusTexts = [
  121. 100 => 'Continue',
  122. 101 => 'Switching Protocols',
  123. 102 => 'Processing', // RFC2518
  124. 103 => 'Early Hints',
  125. 200 => 'OK',
  126. 201 => 'Created',
  127. 202 => 'Accepted',
  128. 203 => 'Non-Authoritative Information',
  129. 204 => 'No Content',
  130. 205 => 'Reset Content',
  131. 206 => 'Partial Content',
  132. 207 => 'Multi-Status', // RFC4918
  133. 208 => 'Already Reported', // RFC5842
  134. 226 => 'IM Used', // RFC3229
  135. 300 => 'Multiple Choices',
  136. 301 => 'Moved Permanently',
  137. 302 => 'Found',
  138. 303 => 'See Other',
  139. 304 => 'Not Modified',
  140. 305 => 'Use Proxy',
  141. 307 => 'Temporary Redirect',
  142. 308 => 'Permanent Redirect', // RFC7238
  143. 400 => 'Bad Request',
  144. 401 => 'Unauthorized',
  145. 402 => 'Payment Required',
  146. 403 => 'Forbidden',
  147. 404 => 'Not Found',
  148. 405 => 'Method Not Allowed',
  149. 406 => 'Not Acceptable',
  150. 407 => 'Proxy Authentication Required',
  151. 408 => 'Request Timeout',
  152. 409 => 'Conflict',
  153. 410 => 'Gone',
  154. 411 => 'Length Required',
  155. 412 => 'Precondition Failed',
  156. 413 => 'Payload Too Large',
  157. 414 => 'URI Too Long',
  158. 415 => 'Unsupported Media Type',
  159. 416 => 'Range Not Satisfiable',
  160. 417 => 'Expectation Failed',
  161. 418 => 'I\'m a teapot', // RFC2324
  162. 421 => 'Misdirected Request', // RFC7540
  163. 422 => 'Unprocessable Entity', // RFC4918
  164. 423 => 'Locked', // RFC4918
  165. 424 => 'Failed Dependency', // RFC4918
  166. 425 => 'Too Early', // RFC-ietf-httpbis-replay-04
  167. 426 => 'Upgrade Required', // RFC2817
  168. 428 => 'Precondition Required', // RFC6585
  169. 429 => 'Too Many Requests', // RFC6585
  170. 431 => 'Request Header Fields Too Large', // RFC6585
  171. 451 => 'Unavailable For Legal Reasons', // RFC7725
  172. 500 => 'Internal Server Error',
  173. 501 => 'Not Implemented',
  174. 502 => 'Bad Gateway',
  175. 503 => 'Service Unavailable',
  176. 504 => 'Gateway Timeout',
  177. 505 => 'HTTP Version Not Supported',
  178. 506 => 'Variant Also Negotiates', // RFC2295
  179. 507 => 'Insufficient Storage', // RFC4918
  180. 508 => 'Loop Detected', // RFC5842
  181. 510 => 'Not Extended', // RFC2774
  182. 511 => 'Network Authentication Required', // RFC6585
  183. ];
  184. /**
  185. * @param mixed $content The response content, see setContent()
  186. * @param int $status The response status code
  187. * @param array $headers An array of response headers
  188. *
  189. * @throws \InvalidArgumentException When the HTTP status code is not valid
  190. */
  191. public function __construct($content = '', $status = 200, $headers = [])
  192. {
  193. $this->headers = new ResponseHeaderBag($headers);
  194. $this->setContent($content);
  195. $this->setStatusCode($status);
  196. $this->setProtocolVersion('1.0');
  197. }
  198. /**
  199. * Factory method for chainability.
  200. *
  201. * Example:
  202. *
  203. * return Response::create($body, 200)
  204. * ->setSharedMaxAge(300);
  205. *
  206. * @param mixed $content The response content, see setContent()
  207. * @param int $status The response status code
  208. * @param array $headers An array of response headers
  209. *
  210. * @return static
  211. */
  212. public static function create($content = '', $status = 200, $headers = [])
  213. {
  214. return new static($content, $status, $headers);
  215. }
  216. /**
  217. * Returns the Response as an HTTP string.
  218. *
  219. * The string representation of the Response is the same as the
  220. * one that will be sent to the client only if the prepare() method
  221. * has been called before.
  222. *
  223. * @return string The Response as an HTTP string
  224. *
  225. * @see prepare()
  226. */
  227. public function __toString()
  228. {
  229. return
  230. sprintf('HTTP/%s %s %s', $this->version, $this->statusCode, $this->statusText)."\r\n".
  231. $this->headers."\r\n".
  232. $this->getContent();
  233. }
  234. /**
  235. * Clones the current Response instance.
  236. */
  237. public function __clone()
  238. {
  239. $this->headers = clone $this->headers;
  240. }
  241. /**
  242. * Prepares the Response before it is sent to the client.
  243. *
  244. * This method tweaks the Response to ensure that it is
  245. * compliant with RFC 2616. Most of the changes are based on
  246. * the Request that is "associated" with this Response.
  247. *
  248. * @return $this
  249. */
  250. public function prepare(Request $request)
  251. {
  252. $headers = $this->headers;
  253. if ($this->isInformational() || $this->isEmpty()) {
  254. $this->setContent(null);
  255. $headers->remove('Content-Type');
  256. $headers->remove('Content-Length');
  257. } else {
  258. // Content-type based on the Request
  259. if (!$headers->has('Content-Type')) {
  260. $format = $request->getRequestFormat();
  261. if (null !== $format && $mimeType = $request->getMimeType($format)) {
  262. $headers->set('Content-Type', $mimeType);
  263. }
  264. }
  265. // Fix Content-Type
  266. $charset = $this->charset ?: 'UTF-8';
  267. if (!$headers->has('Content-Type')) {
  268. $headers->set('Content-Type', 'text/html; charset='.$charset);
  269. } elseif (0 === stripos($headers->get('Content-Type'), 'text/') && false === stripos($headers->get('Content-Type'), 'charset')) {
  270. // add the charset
  271. $headers->set('Content-Type', $headers->get('Content-Type').'; charset='.$charset);
  272. }
  273. // Fix Content-Length
  274. if ($headers->has('Transfer-Encoding')) {
  275. $headers->remove('Content-Length');
  276. }
  277. if ($request->isMethod('HEAD')) {
  278. // cf. RFC2616 14.13
  279. $length = $headers->get('Content-Length');
  280. $this->setContent(null);
  281. if ($length) {
  282. $headers->set('Content-Length', $length);
  283. }
  284. }
  285. }
  286. // Fix protocol
  287. if ('HTTP/1.0' != $request->server->get('SERVER_PROTOCOL')) {
  288. $this->setProtocolVersion('1.1');
  289. }
  290. // Check if we need to send extra expire info headers
  291. if ('1.0' == $this->getProtocolVersion() && false !== strpos($headers->get('Cache-Control'), 'no-cache')) {
  292. $headers->set('pragma', 'no-cache');
  293. $headers->set('expires', -1);
  294. }
  295. $this->ensureIEOverSSLCompatibility($request);
  296. return $this;
  297. }
  298. /**
  299. * Sends HTTP headers.
  300. *
  301. * @return $this
  302. */
  303. public function sendHeaders()
  304. {
  305. // headers have already been sent by the developer
  306. if (headers_sent()) {
  307. return $this;
  308. }
  309. // headers
  310. foreach ($this->headers->allPreserveCaseWithoutCookies() as $name => $values) {
  311. $replace = 0 === strcasecmp($name, 'Content-Type');
  312. foreach ($values as $value) {
  313. header($name.': '.$value, $replace, $this->statusCode);
  314. }
  315. }
  316. // cookies
  317. foreach ($this->headers->getCookies() as $cookie) {
  318. header('Set-Cookie: '.$cookie->getName().strstr($cookie, '='), false, $this->statusCode);
  319. }
  320. // status
  321. header(sprintf('HTTP/%s %s %s', $this->version, $this->statusCode, $this->statusText), true, $this->statusCode);
  322. return $this;
  323. }
  324. /**
  325. * Sends content for the current web response.
  326. *
  327. * @return $this
  328. */
  329. public function sendContent()
  330. {
  331. echo $this->content;
  332. return $this;
  333. }
  334. /**
  335. * Sends HTTP headers and content.
  336. *
  337. * @return $this
  338. */
  339. public function send()
  340. {
  341. $this->sendHeaders();
  342. $this->sendContent();
  343. if (\function_exists('fastcgi_finish_request')) {
  344. fastcgi_finish_request();
  345. } elseif (!\in_array(\PHP_SAPI, ['cli', 'phpdbg'], true)) {
  346. static::closeOutputBuffers(0, true);
  347. }
  348. return $this;
  349. }
  350. /**
  351. * Sets the response content.
  352. *
  353. * Valid types are strings, numbers, null, and objects that implement a __toString() method.
  354. *
  355. * @param mixed $content Content that can be cast to string
  356. *
  357. * @return $this
  358. *
  359. * @throws \UnexpectedValueException
  360. */
  361. public function setContent($content)
  362. {
  363. if (null !== $content && !\is_string($content) && !is_numeric($content) && !\is_callable([$content, '__toString'])) {
  364. throw new \UnexpectedValueException(sprintf('The Response content must be a string or object implementing __toString(), "%s" given.', \gettype($content)));
  365. }
  366. $this->content = (string) $content;
  367. return $this;
  368. }
  369. /**
  370. * Gets the current response content.
  371. *
  372. * @return string Content
  373. */
  374. public function getContent()
  375. {
  376. return $this->content;
  377. }
  378. /**
  379. * Sets the HTTP protocol version (1.0 or 1.1).
  380. *
  381. * @param string $version The HTTP protocol version
  382. *
  383. * @return $this
  384. *
  385. * @final since version 3.2
  386. */
  387. public function setProtocolVersion($version)
  388. {
  389. $this->version = $version;
  390. return $this;
  391. }
  392. /**
  393. * Gets the HTTP protocol version.
  394. *
  395. * @return string The HTTP protocol version
  396. *
  397. * @final since version 3.2
  398. */
  399. public function getProtocolVersion()
  400. {
  401. return $this->version;
  402. }
  403. /**
  404. * Sets the response status code.
  405. *
  406. * If the status text is null it will be automatically populated for the known
  407. * status codes and left empty otherwise.
  408. *
  409. * @param int $code HTTP status code
  410. * @param mixed $text HTTP status text
  411. *
  412. * @return $this
  413. *
  414. * @throws \InvalidArgumentException When the HTTP status code is not valid
  415. *
  416. * @final since version 3.2
  417. */
  418. public function setStatusCode($code, $text = null)
  419. {
  420. $this->statusCode = $code = (int) $code;
  421. if ($this->isInvalid()) {
  422. throw new \InvalidArgumentException(sprintf('The HTTP status code "%s" is not valid.', $code));
  423. }
  424. if (null === $text) {
  425. $this->statusText = isset(self::$statusTexts[$code]) ? self::$statusTexts[$code] : 'unknown status';
  426. return $this;
  427. }
  428. if (false === $text) {
  429. $this->statusText = '';
  430. return $this;
  431. }
  432. $this->statusText = $text;
  433. return $this;
  434. }
  435. /**
  436. * Retrieves the status code for the current web response.
  437. *
  438. * @return int Status code
  439. *
  440. * @final since version 3.2
  441. */
  442. public function getStatusCode()
  443. {
  444. return $this->statusCode;
  445. }
  446. /**
  447. * Sets the response charset.
  448. *
  449. * @param string $charset Character set
  450. *
  451. * @return $this
  452. *
  453. * @final since version 3.2
  454. */
  455. public function setCharset($charset)
  456. {
  457. $this->charset = $charset;
  458. return $this;
  459. }
  460. /**
  461. * Retrieves the response charset.
  462. *
  463. * @return string Character set
  464. *
  465. * @final since version 3.2
  466. */
  467. public function getCharset()
  468. {
  469. return $this->charset;
  470. }
  471. /**
  472. * Returns true if the response may safely be kept in a shared (surrogate) cache.
  473. *
  474. * Responses marked "private" with an explicit Cache-Control directive are
  475. * considered uncacheable.
  476. *
  477. * Responses with neither a freshness lifetime (Expires, max-age) nor cache
  478. * validator (Last-Modified, ETag) are considered uncacheable because there is
  479. * no way to tell when or how to remove them from the cache.
  480. *
  481. * Note that RFC 7231 and RFC 7234 possibly allow for a more permissive implementation,
  482. * for example "status codes that are defined as cacheable by default [...]
  483. * can be reused by a cache with heuristic expiration unless otherwise indicated"
  484. * (https://tools.ietf.org/html/rfc7231#section-6.1)
  485. *
  486. * @return bool true if the response is worth caching, false otherwise
  487. *
  488. * @final since version 3.3
  489. */
  490. public function isCacheable()
  491. {
  492. if (!\in_array($this->statusCode, [200, 203, 300, 301, 302, 404, 410])) {
  493. return false;
  494. }
  495. if ($this->headers->hasCacheControlDirective('no-store') || $this->headers->getCacheControlDirective('private')) {
  496. return false;
  497. }
  498. return $this->isValidateable() || $this->isFresh();
  499. }
  500. /**
  501. * Returns true if the response is "fresh".
  502. *
  503. * Fresh responses may be served from cache without any interaction with the
  504. * origin. A response is considered fresh when it includes a Cache-Control/max-age
  505. * indicator or Expires header and the calculated age is less than the freshness lifetime.
  506. *
  507. * @return bool true if the response is fresh, false otherwise
  508. *
  509. * @final since version 3.3
  510. */
  511. public function isFresh()
  512. {
  513. return $this->getTtl() > 0;
  514. }
  515. /**
  516. * Returns true if the response includes headers that can be used to validate
  517. * the response with the origin server using a conditional GET request.
  518. *
  519. * @return bool true if the response is validateable, false otherwise
  520. *
  521. * @final since version 3.3
  522. */
  523. public function isValidateable()
  524. {
  525. return $this->headers->has('Last-Modified') || $this->headers->has('ETag');
  526. }
  527. /**
  528. * Marks the response as "private".
  529. *
  530. * It makes the response ineligible for serving other clients.
  531. *
  532. * @return $this
  533. *
  534. * @final since version 3.2
  535. */
  536. public function setPrivate()
  537. {
  538. $this->headers->removeCacheControlDirective('public');
  539. $this->headers->addCacheControlDirective('private');
  540. return $this;
  541. }
  542. /**
  543. * Marks the response as "public".
  544. *
  545. * It makes the response eligible for serving other clients.
  546. *
  547. * @return $this
  548. *
  549. * @final since version 3.2
  550. */
  551. public function setPublic()
  552. {
  553. $this->headers->addCacheControlDirective('public');
  554. $this->headers->removeCacheControlDirective('private');
  555. return $this;
  556. }
  557. /**
  558. * Marks the response as "immutable".
  559. *
  560. * @param bool $immutable enables or disables the immutable directive
  561. *
  562. * @return $this
  563. *
  564. * @final
  565. */
  566. public function setImmutable($immutable = true)
  567. {
  568. if ($immutable) {
  569. $this->headers->addCacheControlDirective('immutable');
  570. } else {
  571. $this->headers->removeCacheControlDirective('immutable');
  572. }
  573. return $this;
  574. }
  575. /**
  576. * Returns true if the response is marked as "immutable".
  577. *
  578. * @return bool returns true if the response is marked as "immutable"; otherwise false
  579. *
  580. * @final
  581. */
  582. public function isImmutable()
  583. {
  584. return $this->headers->hasCacheControlDirective('immutable');
  585. }
  586. /**
  587. * Returns true if the response must be revalidated by caches.
  588. *
  589. * This method indicates that the response must not be served stale by a
  590. * cache in any circumstance without first revalidating with the origin.
  591. * When present, the TTL of the response should not be overridden to be
  592. * greater than the value provided by the origin.
  593. *
  594. * @return bool true if the response must be revalidated by a cache, false otherwise
  595. *
  596. * @final since version 3.3
  597. */
  598. public function mustRevalidate()
  599. {
  600. return $this->headers->hasCacheControlDirective('must-revalidate') || $this->headers->hasCacheControlDirective('proxy-revalidate');
  601. }
  602. /**
  603. * Returns the Date header as a DateTime instance.
  604. *
  605. * @return \DateTime A \DateTime instance
  606. *
  607. * @throws \RuntimeException When the header is not parseable
  608. *
  609. * @final since version 3.2
  610. */
  611. public function getDate()
  612. {
  613. return $this->headers->getDate('Date');
  614. }
  615. /**
  616. * Sets the Date header.
  617. *
  618. * @return $this
  619. *
  620. * @final since version 3.2
  621. */
  622. public function setDate(\DateTime $date)
  623. {
  624. $date->setTimezone(new \DateTimeZone('UTC'));
  625. $this->headers->set('Date', $date->format('D, d M Y H:i:s').' GMT');
  626. return $this;
  627. }
  628. /**
  629. * Returns the age of the response.
  630. *
  631. * @return int The age of the response in seconds
  632. *
  633. * @final since version 3.2
  634. */
  635. public function getAge()
  636. {
  637. if (null !== $age = $this->headers->get('Age')) {
  638. return (int) $age;
  639. }
  640. return max(time() - $this->getDate()->format('U'), 0);
  641. }
  642. /**
  643. * Marks the response stale by setting the Age header to be equal to the maximum age of the response.
  644. *
  645. * @return $this
  646. */
  647. public function expire()
  648. {
  649. if ($this->isFresh()) {
  650. $this->headers->set('Age', $this->getMaxAge());
  651. $this->headers->remove('Expires');
  652. }
  653. return $this;
  654. }
  655. /**
  656. * Returns the value of the Expires header as a DateTime instance.
  657. *
  658. * @return \DateTime|null A DateTime instance or null if the header does not exist
  659. *
  660. * @final since version 3.2
  661. */
  662. public function getExpires()
  663. {
  664. try {
  665. return $this->headers->getDate('Expires');
  666. } catch (\RuntimeException $e) {
  667. // according to RFC 2616 invalid date formats (e.g. "0" and "-1") must be treated as in the past
  668. return \DateTime::createFromFormat(DATE_RFC2822, 'Sat, 01 Jan 00 00:00:00 +0000');
  669. }
  670. }
  671. /**
  672. * Sets the Expires HTTP header with a DateTime instance.
  673. *
  674. * Passing null as value will remove the header.
  675. *
  676. * @param \DateTime|null $date A \DateTime instance or null to remove the header
  677. *
  678. * @return $this
  679. *
  680. * @final since version 3.2
  681. */
  682. public function setExpires(\DateTime $date = null)
  683. {
  684. if (null === $date) {
  685. $this->headers->remove('Expires');
  686. } else {
  687. $date = clone $date;
  688. $date->setTimezone(new \DateTimeZone('UTC'));
  689. $this->headers->set('Expires', $date->format('D, d M Y H:i:s').' GMT');
  690. }
  691. return $this;
  692. }
  693. /**
  694. * Returns the number of seconds after the time specified in the response's Date
  695. * header when the response should no longer be considered fresh.
  696. *
  697. * First, it checks for a s-maxage directive, then a max-age directive, and then it falls
  698. * back on an expires header. It returns null when no maximum age can be established.
  699. *
  700. * @return int|null Number of seconds
  701. *
  702. * @final since version 3.2
  703. */
  704. public function getMaxAge()
  705. {
  706. if ($this->headers->hasCacheControlDirective('s-maxage')) {
  707. return (int) $this->headers->getCacheControlDirective('s-maxage');
  708. }
  709. if ($this->headers->hasCacheControlDirective('max-age')) {
  710. return (int) $this->headers->getCacheControlDirective('max-age');
  711. }
  712. if (null !== $this->getExpires()) {
  713. return $this->getExpires()->format('U') - $this->getDate()->format('U');
  714. }
  715. }
  716. /**
  717. * Sets the number of seconds after which the response should no longer be considered fresh.
  718. *
  719. * This methods sets the Cache-Control max-age directive.
  720. *
  721. * @param int $value Number of seconds
  722. *
  723. * @return $this
  724. *
  725. * @final since version 3.2
  726. */
  727. public function setMaxAge($value)
  728. {
  729. $this->headers->addCacheControlDirective('max-age', $value);
  730. return $this;
  731. }
  732. /**
  733. * Sets the number of seconds after which the response should no longer be considered fresh by shared caches.
  734. *
  735. * This methods sets the Cache-Control s-maxage directive.
  736. *
  737. * @param int $value Number of seconds
  738. *
  739. * @return $this
  740. *
  741. * @final since version 3.2
  742. */
  743. public function setSharedMaxAge($value)
  744. {
  745. $this->setPublic();
  746. $this->headers->addCacheControlDirective('s-maxage', $value);
  747. return $this;
  748. }
  749. /**
  750. * Returns the response's time-to-live in seconds.
  751. *
  752. * It returns null when no freshness information is present in the response.
  753. *
  754. * When the responses TTL is <= 0, the response may not be served from cache without first
  755. * revalidating with the origin.
  756. *
  757. * @return int|null The TTL in seconds
  758. *
  759. * @final since version 3.2
  760. */
  761. public function getTtl()
  762. {
  763. if (null !== $maxAge = $this->getMaxAge()) {
  764. return $maxAge - $this->getAge();
  765. }
  766. }
  767. /**
  768. * Sets the response's time-to-live for shared caches.
  769. *
  770. * This method adjusts the Cache-Control/s-maxage directive.
  771. *
  772. * @param int $seconds Number of seconds
  773. *
  774. * @return $this
  775. *
  776. * @final since version 3.2
  777. */
  778. public function setTtl($seconds)
  779. {
  780. $this->setSharedMaxAge($this->getAge() + $seconds);
  781. return $this;
  782. }
  783. /**
  784. * Sets the response's time-to-live for private/client caches.
  785. *
  786. * This method adjusts the Cache-Control/max-age directive.
  787. *
  788. * @param int $seconds Number of seconds
  789. *
  790. * @return $this
  791. *
  792. * @final since version 3.2
  793. */
  794. public function setClientTtl($seconds)
  795. {
  796. $this->setMaxAge($this->getAge() + $seconds);
  797. return $this;
  798. }
  799. /**
  800. * Returns the Last-Modified HTTP header as a DateTime instance.
  801. *
  802. * @return \DateTime|null A DateTime instance or null if the header does not exist
  803. *
  804. * @throws \RuntimeException When the HTTP header is not parseable
  805. *
  806. * @final since version 3.2
  807. */
  808. public function getLastModified()
  809. {
  810. return $this->headers->getDate('Last-Modified');
  811. }
  812. /**
  813. * Sets the Last-Modified HTTP header with a DateTime instance.
  814. *
  815. * Passing null as value will remove the header.
  816. *
  817. * @param \DateTime|null $date A \DateTime instance or null to remove the header
  818. *
  819. * @return $this
  820. *
  821. * @final since version 3.2
  822. */
  823. public function setLastModified(\DateTime $date = null)
  824. {
  825. if (null === $date) {
  826. $this->headers->remove('Last-Modified');
  827. } else {
  828. $date = clone $date;
  829. $date->setTimezone(new \DateTimeZone('UTC'));
  830. $this->headers->set('Last-Modified', $date->format('D, d M Y H:i:s').' GMT');
  831. }
  832. return $this;
  833. }
  834. /**
  835. * Returns the literal value of the ETag HTTP header.
  836. *
  837. * @return string|null The ETag HTTP header or null if it does not exist
  838. *
  839. * @final since version 3.2
  840. */
  841. public function getEtag()
  842. {
  843. return $this->headers->get('ETag');
  844. }
  845. /**
  846. * Sets the ETag value.
  847. *
  848. * @param string|null $etag The ETag unique identifier or null to remove the header
  849. * @param bool $weak Whether you want a weak ETag or not
  850. *
  851. * @return $this
  852. *
  853. * @final since version 3.2
  854. */
  855. public function setEtag($etag = null, $weak = false)
  856. {
  857. if (null === $etag) {
  858. $this->headers->remove('Etag');
  859. } else {
  860. if (0 !== strpos($etag, '"')) {
  861. $etag = '"'.$etag.'"';
  862. }
  863. $this->headers->set('ETag', (true === $weak ? 'W/' : '').$etag);
  864. }
  865. return $this;
  866. }
  867. /**
  868. * Sets the response's cache headers (validation and/or expiration).
  869. *
  870. * Available options are: etag, last_modified, max_age, s_maxage, private, public and immutable.
  871. *
  872. * @param array $options An array of cache options
  873. *
  874. * @return $this
  875. *
  876. * @throws \InvalidArgumentException
  877. *
  878. * @final since version 3.3
  879. */
  880. public function setCache(array $options)
  881. {
  882. if ($diff = array_diff(array_keys($options), ['etag', 'last_modified', 'max_age', 's_maxage', 'private', 'public', 'immutable'])) {
  883. throw new \InvalidArgumentException(sprintf('Response does not support the following options: "%s".', implode('", "', $diff)));
  884. }
  885. if (isset($options['etag'])) {
  886. $this->setEtag($options['etag']);
  887. }
  888. if (isset($options['last_modified'])) {
  889. $this->setLastModified($options['last_modified']);
  890. }
  891. if (isset($options['max_age'])) {
  892. $this->setMaxAge($options['max_age']);
  893. }
  894. if (isset($options['s_maxage'])) {
  895. $this->setSharedMaxAge($options['s_maxage']);
  896. }
  897. if (isset($options['public'])) {
  898. if ($options['public']) {
  899. $this->setPublic();
  900. } else {
  901. $this->setPrivate();
  902. }
  903. }
  904. if (isset($options['private'])) {
  905. if ($options['private']) {
  906. $this->setPrivate();
  907. } else {
  908. $this->setPublic();
  909. }
  910. }
  911. if (isset($options['immutable'])) {
  912. $this->setImmutable((bool) $options['immutable']);
  913. }
  914. return $this;
  915. }
  916. /**
  917. * Modifies the response so that it conforms to the rules defined for a 304 status code.
  918. *
  919. * This sets the status, removes the body, and discards any headers
  920. * that MUST NOT be included in 304 responses.
  921. *
  922. * @return $this
  923. *
  924. * @see http://tools.ietf.org/html/rfc2616#section-10.3.5
  925. *
  926. * @final since version 3.3
  927. */
  928. public function setNotModified()
  929. {
  930. $this->setStatusCode(304);
  931. $this->setContent(null);
  932. // remove headers that MUST NOT be included with 304 Not Modified responses
  933. foreach (['Allow', 'Content-Encoding', 'Content-Language', 'Content-Length', 'Content-MD5', 'Content-Type', 'Last-Modified'] as $header) {
  934. $this->headers->remove($header);
  935. }
  936. return $this;
  937. }
  938. /**
  939. * Returns true if the response includes a Vary header.
  940. *
  941. * @return bool true if the response includes a Vary header, false otherwise
  942. *
  943. * @final since version 3.2
  944. */
  945. public function hasVary()
  946. {
  947. return null !== $this->headers->get('Vary');
  948. }
  949. /**
  950. * Returns an array of header names given in the Vary header.
  951. *
  952. * @return array An array of Vary names
  953. *
  954. * @final since version 3.2
  955. */
  956. public function getVary()
  957. {
  958. if (!$vary = $this->headers->get('Vary', null, false)) {
  959. return [];
  960. }
  961. $ret = [];
  962. foreach ($vary as $item) {
  963. $ret = array_merge($ret, preg_split('/[\s,]+/', $item));
  964. }
  965. return $ret;
  966. }
  967. /**
  968. * Sets the Vary header.
  969. *
  970. * @param string|array $headers
  971. * @param bool $replace Whether to replace the actual value or not (true by default)
  972. *
  973. * @return $this
  974. *
  975. * @final since version 3.2
  976. */
  977. public function setVary($headers, $replace = true)
  978. {
  979. $this->headers->set('Vary', $headers, $replace);
  980. return $this;
  981. }
  982. /**
  983. * Determines if the Response validators (ETag, Last-Modified) match
  984. * a conditional value specified in the Request.
  985. *
  986. * If the Response is not modified, it sets the status code to 304 and
  987. * removes the actual content by calling the setNotModified() method.
  988. *
  989. * @return bool true if the Response validators match the Request, false otherwise
  990. *
  991. * @final since version 3.3
  992. */
  993. public function isNotModified(Request $request)
  994. {
  995. if (!$request->isMethodCacheable()) {
  996. return false;
  997. }
  998. $notModified = false;
  999. $lastModified = $this->headers->get('Last-Modified');
  1000. $modifiedSince = $request->headers->get('If-Modified-Since');
  1001. if ($etags = $request->getETags()) {
  1002. $notModified = \in_array($this->getEtag(), $etags) || \in_array('*', $etags);
  1003. }
  1004. if ($modifiedSince && $lastModified) {
  1005. $notModified = strtotime($modifiedSince) >= strtotime($lastModified) && (!$etags || $notModified);
  1006. }
  1007. if ($notModified) {
  1008. $this->setNotModified();
  1009. }
  1010. return $notModified;
  1011. }
  1012. /**
  1013. * Is response invalid?
  1014. *
  1015. * @return bool
  1016. *
  1017. * @see http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
  1018. *
  1019. * @final since version 3.2
  1020. */
  1021. public function isInvalid()
  1022. {
  1023. return $this->statusCode < 100 || $this->statusCode >= 600;
  1024. }
  1025. /**
  1026. * Is response informative?
  1027. *
  1028. * @return bool
  1029. *
  1030. * @final since version 3.3
  1031. */
  1032. public function isInformational()
  1033. {
  1034. return $this->statusCode >= 100 && $this->statusCode < 200;
  1035. }
  1036. /**
  1037. * Is response successful?
  1038. *
  1039. * @return bool
  1040. *
  1041. * @final since version 3.2
  1042. */
  1043. public function isSuccessful()
  1044. {
  1045. return $this->statusCode >= 200 && $this->statusCode < 300;
  1046. }
  1047. /**
  1048. * Is the response a redirect?
  1049. *
  1050. * @return bool
  1051. *
  1052. * @final since version 3.2
  1053. */
  1054. public function isRedirection()
  1055. {
  1056. return $this->statusCode >= 300 && $this->statusCode < 400;
  1057. }
  1058. /**
  1059. * Is there a client error?
  1060. *
  1061. * @return bool
  1062. *
  1063. * @final since version 3.2
  1064. */
  1065. public function isClientError()
  1066. {
  1067. return $this->statusCode >= 400 && $this->statusCode < 500;
  1068. }
  1069. /**
  1070. * Was there a server side error?
  1071. *
  1072. * @return bool
  1073. *
  1074. * @final since version 3.3
  1075. */
  1076. public function isServerError()
  1077. {
  1078. return $this->statusCode >= 500 && $this->statusCode < 600;
  1079. }
  1080. /**
  1081. * Is the response OK?
  1082. *
  1083. * @return bool
  1084. *
  1085. * @final since version 3.2
  1086. */
  1087. public function isOk()
  1088. {
  1089. return 200 === $this->statusCode;
  1090. }
  1091. /**
  1092. * Is the response forbidden?
  1093. *
  1094. * @return bool
  1095. *
  1096. * @final since version 3.2
  1097. */
  1098. public function isForbidden()
  1099. {
  1100. return 403 === $this->statusCode;
  1101. }
  1102. /**
  1103. * Is the response a not found error?
  1104. *
  1105. * @return bool
  1106. *
  1107. * @final since version 3.2
  1108. */
  1109. public function isNotFound()
  1110. {
  1111. return 404 === $this->statusCode;
  1112. }
  1113. /**
  1114. * Is the response a redirect of some form?
  1115. *
  1116. * @param string $location
  1117. *
  1118. * @return bool
  1119. *
  1120. * @final since version 3.2
  1121. */
  1122. public function isRedirect($location = null)
  1123. {
  1124. return \in_array($this->statusCode, [201, 301, 302, 303, 307, 308]) && (null === $location ?: $location == $this->headers->get('Location'));
  1125. }
  1126. /**
  1127. * Is the response empty?
  1128. *
  1129. * @return bool
  1130. *
  1131. * @final since version 3.2
  1132. */
  1133. public function isEmpty()
  1134. {
  1135. return \in_array($this->statusCode, [204, 304]);
  1136. }
  1137. /**
  1138. * Cleans or flushes output buffers up to target level.
  1139. *
  1140. * Resulting level can be greater than target level if a non-removable buffer has been encountered.
  1141. *
  1142. * @param int $targetLevel The target output buffering level
  1143. * @param bool $flush Whether to flush or clean the buffers
  1144. *
  1145. * @final since version 3.3
  1146. */
  1147. public static function closeOutputBuffers($targetLevel, $flush)
  1148. {
  1149. $status = ob_get_status(true);
  1150. $level = \count($status);
  1151. // PHP_OUTPUT_HANDLER_* are not defined on HHVM 3.3
  1152. $flags = \defined('PHP_OUTPUT_HANDLER_REMOVABLE') ? PHP_OUTPUT_HANDLER_REMOVABLE | ($flush ? PHP_OUTPUT_HANDLER_FLUSHABLE : PHP_OUTPUT_HANDLER_CLEANABLE) : -1;
  1153. while ($level-- > $targetLevel && ($s = $status[$level]) && (!isset($s['del']) ? !isset($s['flags']) || ($s['flags'] & $flags) === $flags : $s['del'])) {
  1154. if ($flush) {
  1155. ob_end_flush();
  1156. } else {
  1157. ob_end_clean();
  1158. }
  1159. }
  1160. }
  1161. /**
  1162. * Checks if we need to remove Cache-Control for SSL encrypted downloads when using IE < 9.
  1163. *
  1164. * @see http://support.microsoft.com/kb/323308
  1165. *
  1166. * @final since version 3.3
  1167. */
  1168. protected function ensureIEOverSSLCompatibility(Request $request)
  1169. {
  1170. if (false !== stripos($this->headers->get('Content-Disposition'), 'attachment') && 1 == preg_match('/MSIE (.*?);/i', $request->server->get('HTTP_USER_AGENT'), $match) && true === $request->isSecure()) {
  1171. if ((int) preg_replace('/(MSIE )(.*?);/', '$2', $match[0]) < 9) {
  1172. $this->headers->remove('Cache-Control');
  1173. }
  1174. }
  1175. }
  1176. }