| 
									
										
										
										
											2020-03-10 19:04:22 +00:00
										 |  |  |  | <?php | 
					
						
							|  |  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-10-10 09:26:18 +01:00
										 |  |  |  | declare(strict_types = 1); | 
					
						
							|  |  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-03-21 20:18:05 +00:00
										 |  |  |  | /* | 
					
						
							|  |  |  |  |  * This file is part of GNU social - https://www.gnu.org/software/social | 
					
						
							|  |  |  |  |  * | 
					
						
							|  |  |  |  |  * GNU social is free software: you can redistribute it and/or modify | 
					
						
							|  |  |  |  |  * it under the terms of the GNU Affero General Public License as published by | 
					
						
							|  |  |  |  |  * the Free Software Foundation, either version 3 of the License, or | 
					
						
							|  |  |  |  |  * (at your option) any later version. | 
					
						
							|  |  |  |  |  * | 
					
						
							|  |  |  |  |  * GNU social is distributed in the hope that it will be useful, | 
					
						
							|  |  |  |  |  * but WITHOUT ANY WARRANTY; without even the implied warranty of | 
					
						
							|  |  |  |  |  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | 
					
						
							|  |  |  |  |  * GNU Affero General Public License for more details. | 
					
						
							|  |  |  |  |  * | 
					
						
							|  |  |  |  |  * You should have received a copy of the GNU Affero General Public License | 
					
						
							|  |  |  |  |  * along with GNU social.  If not, see <http://www.gnu.org/licenses/>. | 
					
						
							|  |  |  |  |  */ | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | /** | 
					
						
							|  |  |  |  |  * GNU social's true web entry point, bootstraps Symfony's configuration and instantiates our Kernel | 
					
						
							|  |  |  |  |  * | 
					
						
							|  |  |  |  |  * @package  GNUsocial | 
					
						
							|  |  |  |  |  * @category Framework | 
					
						
							|  |  |  |  |  * | 
					
						
							| 
									
										
										
										
											2021-02-19 23:29:43 +00:00
										 |  |  |  |  * @author    Hugo Sales <hugo@hsal.es> | 
					
						
							| 
									
										
										
										
											2021-07-19 13:50:40 +01:00
										 |  |  |  |  * @author    Diogo Peralta Cordeiro <mail@diogo.site> | 
					
						
							|  |  |  |  |  * @copyright 2020-2021 Free Software Foundation, Inc http://www.fsf.org | 
					
						
							| 
									
										
										
										
											2020-03-21 20:18:05 +00:00
										 |  |  |  |  * @license   https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later | 
					
						
							|  |  |  |  |  */ | 
					
						
							| 
									
										
										
										
											2021-07-19 13:50:40 +01:00
										 |  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-09 23:57:19 +00:00
										 |  |  |  | use App\CacheKernel; | 
					
						
							| 
									
										
										
										
											2020-03-10 19:04:22 +00:00
										 |  |  |  | use App\Kernel; | 
					
						
							| 
									
										
										
										
											2022-04-03 18:02:54 +01:00
										 |  |  |  | use App\Core\Security; | 
					
						
							| 
									
										
										
										
											2020-03-10 19:04:22 +00:00
										 |  |  |  | use Symfony\Component\ErrorHandler\Debug; | 
					
						
							|  |  |  |  | use Symfony\Component\HttpFoundation\Request; | 
					
						
							|  |  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-10-10 09:26:18 +01:00
										 |  |  |  | require \dirname(__DIR__) . '/config/bootstrap.php'; | 
					
						
							| 
									
										
										
										
											2020-03-10 19:04:22 +00:00
										 |  |  |  | 
 | 
					
						
							|  |  |  |  | if ($_SERVER['APP_DEBUG']) { | 
					
						
							|  |  |  |  |     umask(0000); | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  |     Debug::enable(); | 
					
						
							|  |  |  |  | } | 
					
						
							|  |  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-07-19 13:50:40 +01:00
										 |  |  |  | // When a request passes through a proxy, certain request information is sent using either
 | 
					
						
							|  |  |  |  | // the standard Forwarded header or X-Forwarded-* headers.
 | 
					
						
							|  |  |  |  | // Therefore, if the user configures trusted proxy IPs, we trust these headers.
 | 
					
						
							|  |  |  |  | if ($trustedProxies = $_ENV['TRUSTED_PROXIES'] ?? $_SERVER['TRUSTED_PROXIES'] ?? false) { | 
					
						
							| 
									
										
										
										
											2021-10-10 09:26:18 +01:00
										 |  |  |  |     Request::setTrustedProxies( | 
					
						
							|  |  |  |  |         explode(',', $trustedProxies), | 
					
						
							|  |  |  |  |         Request::HEADER_FORWARDED | Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_HOST | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO, | 
					
						
							| 
									
										
										
										
											2021-07-19 13:50:40 +01:00
										 |  |  |  |     ); | 
					
						
							| 
									
										
										
										
											2020-03-10 19:04:22 +00:00
										 |  |  |  | } | 
					
						
							|  |  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-07-19 13:50:40 +01:00
										 |  |  |  | // For enhanced security while using Request, here we define the trusted hosts.
 | 
					
						
							|  |  |  |  | // If the incoming request’s hostname doesn't match one of the regular expressions in
 | 
					
						
							|  |  |  |  | // this list, the application won’t respond and the user will receive a 400 response.
 | 
					
						
							|  |  |  |  | if ($trustedHosts = $_ENV['TRUSTED_HOSTS'] ?? $_SERVER['TRUSTED_HOSTS'] ?? false) { | 
					
						
							| 
									
										
										
										
											2020-03-10 19:04:22 +00:00
										 |  |  |  |     Request::setTrustedHosts([$trustedHosts]); | 
					
						
							|  |  |  |  | } | 
					
						
							|  |  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-07-09 23:57:19 +00:00
										 |  |  |  | $kernel = new Kernel($_SERVER['APP_ENV'], (bool) $_SERVER['APP_DEBUG']); | 
					
						
							|  |  |  |  | 
 | 
					
						
							|  |  |  |  | // Wrap the default Kernel with the CacheKernel one in 'prod' environment
 | 
					
						
							| 
									
										
										
										
											2022-02-11 00:17:20 +00:00
										 |  |  |  | if ('prod' === $kernel->getEnvironment() || isset($_ENV['CONFIG_USE_CACHE_KERNEL'])) { | 
					
						
							| 
									
										
										
										
											2020-07-09 23:57:19 +00:00
										 |  |  |  |     $kernel = new CacheKernel($kernel); | 
					
						
							|  |  |  |  | } | 
					
						
							|  |  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-01-30 16:39:43 +00:00
										 |  |  |  | $request = Request::createFromGlobals(); | 
					
						
							| 
									
										
										
										
											2022-04-03 18:02:54 +01:00
										 |  |  |  | 
 | 
					
						
							|  |  |  |  | Security::harden(); | 
					
						
							|  |  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-03-10 19:04:22 +00:00
										 |  |  |  | $response = $kernel->handle($request); | 
					
						
							|  |  |  |  | $response->send(); | 
					
						
							|  |  |  |  | $kernel->terminate($request, $response); |