Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The HttpKernelInterface is a lie (tnphp)

Igor Wiedler
November 09, 2013

The HttpKernelInterface is a lie (tnphp)

Igor Wiedler

November 09, 2013
Tweet

More Decks by Igor Wiedler

Other Decks in Programming

Transcript

  1. hi!

  2. find src -name '*.php' | grep -iv tests | cut

    -f2- -d/ | cut -f1 -d\. | awk '{ print length, $0 }' | sort -n | tr / \\ ;
  3. nc

  4. /\_/\ / 0 0 \ ====v==== \ W / |

    | _ / ___ \ / / / \ \ | (((-----)))-' / ( ___ \__.=|___E /
  5. /etc/xinet.d/<service> service <service> { disable = no socket_type = stream

    protocol = tcp user = <user> wait = no server = /usr/local/bin/<program> }
  6. /etc/xinet.d/fortune service fortune { disable = no socket_type = stream

    protocol = tcp user = xinetd wait = no server = /usr/local/bin/fortune }
  7. $ nc <host> 7777 ______________________________________ < Eat right, stay fit,

    and die anyway. > -------------------------------------- \ ^__^ \ (oo)\_______ (__)\ )\/\ ||----w | || ||
  8. /etc/xinet.d/cowsay service cowsay { disable = no socket_type = stream

    protocol = tcp user = xinetd wait = no server = /usr/games/cowsay }
  9. $ echo 'moo' | nc <host> 7778 _____ < moo

    > ----- \ ^__^ \ (oo)\_______ (__)\ )\/\ ||----w | || ||
  10. cgi

  11. The Common Gateway Interface (CGI) [22]! allows an HTTP [1],

    [4] server and a CGI! script to share responsibility for responding! to client requests. RFC 3875
  12. GET / HTTP/1.1 Host: igor.io Accept: */* REQUEST_METHOD = GET

    PATH_INFO = / HTTP_HOST = igor.io HTTP_ACCEPT = */* SERVER_NAME = igor.io
  13. • 1997: Java Servlet • 2003: Python WSGI • 2007:

    Ruby Rack • 2009: Perl PSGI • 2011: Symfony2 HttpKernelInterface
  14. class Logger implements HttpKernelInterface { private $app; private $logger; !

    public function __construct(HttpKernelInterface $app, LoggerInterface $logger) { $this->app = $app; $this->logger = $logger; } ! public function handle(Request $request, ...) { $response = $this->app->handle($request, $type, $catch); ! $this->log($request, $response); ! return $response; } ! private function log(Request $request, Response $response) { ... } }
  15. class Foo implements HttpKernelInterface { private $app; ! public function

    __construct(HttpKernelInterface $app) { $this->app = $app; } ! public function handle(Request $request, ...) { $response = $this->app->handle($request, $type, $catch); ! return $response; } } 1 2 3
  16. UrlMap $blog = new Silex\Application(); ! $blog->get('/', function () {

    return 'This is the blog!'; }); ! $app = new Stack\UrlMap($app, [ '/blog' => $blog, ]);
  17. OAuth $app = new Igorw\Stack\OAuth($app, [ 'key' => 'foo', 'secret'

    => 'bar', 'callback_url' => 'http://localhost:8080/auth/verify', 'success_url' => '/', 'failure_url' => '/auth', ]); ! $app = new Stack\Session($app);
  18. • Authentication • Debug toolbar • Injected routes • Signed

    cookies • Asset management • Force SSL • Error handling
  19. ( )