Elgg  Version 2.3
Public Member Functions | Public Attributes | List of all members
Elgg\Security\UrlSigner Class Reference

Component for creating signed URLs. More...

Public Member Functions

 sign ($url, $expires=false)
 Normalizes and signs the URL with SHA256 HMAC key. More...
 
 isValid ($url)
 Validates HMAC signature. More...
 

Public Attributes

const KEY_MAC = '__elgg_mac'
 
const KEY_EXPIRES = '__elgg_exp'
 

Detailed Description

Component for creating signed URLs.

@access private

Definition at line 10 of file UrlSigner.php.

Member Function Documentation

◆ isValid()

Elgg\Security\UrlSigner::isValid (   $url)

Validates HMAC signature.

Parameters
string$urlURL to vlaidate
Returns
bool

Definition at line 65 of file UrlSigner.php.

◆ sign()

Elgg\Security\UrlSigner::sign (   $url,
  $expires = false 
)

Normalizes and signs the URL with SHA256 HMAC key.

Note
Signed URLs do not offer CSRF protection and should not be used instead of action tokens.
Parameters
string$urlURL to sign
string$expiresExpiration time Accepts a string suitable for strtotime() Falsey values indicate non-expiring URL
Returns
string
Exceptions

Definition at line 27 of file UrlSigner.php.

Member Data Documentation

◆ KEY_EXPIRES

const Elgg\Security\UrlSigner::KEY_EXPIRES = '__elgg_exp'

Definition at line 13 of file UrlSigner.php.

◆ KEY_MAC

const Elgg\Security\UrlSigner::KEY_MAC = '__elgg_mac'

Definition at line 12 of file UrlSigner.php.

The documentation for this class was generated from the following file:
Generated on Thu Oct 30 2025 00:00:42 for Elgg by doxygen 1.9.1