revolution/laravel-fetch-metadata

Laravel 的元数据抓取中间件

维护者

详情

github.com/kawax/laravel-fetch-metadata

源代码

安装: 33

依赖者: 0

建议者: 0

安全性: 0

星标: 1

关注者: 2

分支: 0

1.0.2 2024-04-26 08:54 UTC

Requires

Requires (Dev)

MIT 3b2d23c55693dc710976220f79d3fd0f818203c1

  • kawax <kawaxbiz.woop@gmail.com>

laravelfetch-metadatasec-fetch

This package is auto-updated.

Last update: 2024-08-29 04:37:28 UTC

README

https://mdn.org.cn/en-US/docs/Glossary/Fetch_metadata_request_header

要求

  • PHP ^8.2
  • Laravel ^11.x

安装

composer require revolution/laravel-fetch-metadata

卸载

composer remove revolution/laravel-fetch-metadata

(可选) 将中间件别名添加到 bootstrap/app.php

use Illuminate\Foundation\Configuration\Middleware;
use Revolution\FetchMetadata\Middleware\SecFetchSite;
use Revolution\FetchMetadata\Middleware\SecFetchMode;
use Revolution\FetchMetadata\Middleware\SecFetchDest;
use Revolution\FetchMetadata\Middleware\SecFetchUser;

->withMiddleware(function (Middleware $middleware) {
     $middleware->alias([
        'sec-fetch-site' => SecFetchSite::class,
        'sec-fetch-mode' => SecFetchMode::class,
        'sec-fetch-dest' => SecFetchDest::class,
        'sec-fetch-user' => SecFetchUser::class,
    ]);
})

您可以使用部分中间件。

use Illuminate\Foundation\Configuration\Middleware;
use Revolution\FetchMetadata\Middleware\SecFetchSite;

->withMiddleware(function (Middleware $middleware) {
     $middleware->alias([
        'sec-fetch-site' => SecFetchSite::class,
    ]);
})

别名名称是任意的,可以缩短。

use Illuminate\Foundation\Configuration\Middleware;
use Revolution\FetchMetadata\Middleware\SecFetchSite;

->withMiddleware(function (Middleware $middleware) {
     $middleware->alias([
        'sec-site' => SecFetchSite::class,
    ]);
})

路由中的使用

默认行为仅允许 same-originnone(用户发起的操作)。

use Illuminate\Support\Facades\Route;
use Illuminate\Http\Request;

Route::post('user/update-password', function (Request $request){
    //
})->middleware('sec-fetch-site');

您可以通过中间件参数指定允许的值。

use Illuminate\Support\Facades\Route;
use Illuminate\Http\Request;

Route::post('user/update-password', function (Request $request){
    //
})->middleware('sec-fetch-site:cross-site');

您也可以使用多个中间件参数。

use Illuminate\Support\Facades\Route;
use Illuminate\Http\Request;

Route::post('user/update-password', function (Request $request){
    //
})->middleware('sec-fetch-site:same-origin,cross-site');

当不使用别名时。

use Illuminate\Support\Facades\Route;
use Illuminate\Http\Request;
use Revolution\FetchMetadata\Middleware\SecFetchSite;

Route::post('user/update-password', function (Request $request){
    //
})->middleware(SecFetchSite::class);

Route::post('user/update-password', function (Request $request){
    //
})->middleware(SecFetchSite::class.':same-origin,cross-site');

错误处理

当 Sec-Fetch 值无效时,抛出 Symfony\Component\HttpKernel\Exception\InvalidMetadataException

您可以在 bootstrap/app.php 中更改响应。

use Illuminate\Http\Request;
use Symfony\Component\HttpKernel\Exception\InvalidMetadataException;
 
->withExceptions(function (Exceptions $exceptions) {
    $exceptions->render(function (InvalidMetadataException $e, Request $request) {
        if ($request->expectsJson()) {
            return response()->json([
                'message' => $e->getMessage(),
            ], 500);
        }
    });
})

许可证

MIT