Component for creating signed URLs.
More...
|
| | sign (string $url,?string $expires=null) |
| | Normalizes and signs the URL with SHA256 HMAC key. More...
|
| |
| | isValid (string $url) |
| | Validates HMAC signature. More...
|
| |
| | assertValid ($url) |
| | Assert that an url is signed correctly. More...
|
| |
Component for creating signed URLs.
Definition at line 13 of file UrlSigner.php.
| Elgg\Security\UrlSigner::assertValid |
( |
|
$url | ) |
|
Assert that an url is signed correctly.
- Parameters
-
| string | $url | the url to check |
- Returns
- void
- Exceptions
-
Definition at line 108 of file UrlSigner.php.
| Elgg\Security\UrlSigner::isValid |
( |
string |
$url | ) |
|
Validates HMAC signature.
- Parameters
-
| string | $url | URL to validate |
- Returns
- bool
Definition at line 68 of file UrlSigner.php.
| Elgg\Security\UrlSigner::sign |
( |
string |
$url, |
|
|
?string |
$expires = null |
|
) |
| |
Normalizes and signs the URL with SHA256 HMAC key.
- Note
- Signed URLs do not offer CSRF protection and should not be used instead of action tokens.
- Parameters
-
| string | $url | URL to sign |
| null | string | $expires | Expiration time Accepts a string suitable for strtotime() Null value indicate non-expiring URL |
- Returns
- string
- Exceptions
-
Definition at line 30 of file UrlSigner.php.
| const Elgg\Security\UrlSigner::KEY_EXPIRES = '__elgg_exp' |
| const Elgg\Security\UrlSigner::KEY_MAC = '__elgg_mac' |
The documentation for this class was generated from the following file:
1.8.11
