mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-09-27 11:56:23 +02:00
3873e4ba00
See https://github.com/silverstripe/silverstripe-framework/pull/7037 and https://github.com/silverstripe/silverstripe-framework/issues/6681 Squashed commit of the following: commit8f65e56532
Author: Ingo Schommer <me@chillu.com> Date: Thu Jun 22 22:25:50 2017 +1200 Fixed upgrade guide spelling commit76f95944fa
Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 16:38:34 2017 +1200 BUG Fix non-test class manifest including sapphiretest / functionaltest commit9379834cb4
Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 15:50:47 2017 +1200 BUG Fix nesting bug in Kernel commit188ce35d82
Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 15:14:51 2017 +1200 BUG fix db bootstrapping issues commit7ed4660e7a
Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 14:49:07 2017 +1200 BUG Fix issue in DetailedErrorFormatter commit738f50c497
Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 11:49:19 2017 +1200 Upgrading notes on mysite/_config.php commit6279d28e5e
Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 11:43:28 2017 +1200 Update developer documentation commit5c90d53a84
Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 10:48:44 2017 +1200 Update installer to not use global databaseConfig commitf9b2ba4755
Author: Damian Mooyman <damian@silverstripe.com> Date: Wed Jun 21 21:04:39 2017 +1200 Fix behat issues commit5b59a912b6
Author: Damian Mooyman <damian@silverstripe.com> Date: Wed Jun 21 17:07:11 2017 +1200 Move HTTPApplication to SilverStripe\Control namespace commite2c4a18f63
Author: Damian Mooyman <damian@silverstripe.com> Date: Wed Jun 21 16:29:03 2017 +1200 More documentation Fix up remaining tests Refactor temp DB into TempDatabase class so it’s available outside of unit tests. commit5d235e64f3
Author: Damian Mooyman <damian@silverstripe.com> Date: Wed Jun 21 12:13:15 2017 +1200 API HTTPRequestBuilder::createFromEnvironment() now cleans up live globals BUG Fix issue with SSViewer Fix Security / View tests commitd88d4ed4e4
Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 20 16:39:43 2017 +1200 API Refactor AppKernel into CoreKernel commitf7946aec33
Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 20 16:00:40 2017 +1200 Docs and minor cleanup commit12bd31f936
Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 20 15:34:34 2017 +1200 API Remove OutputMiddleware API Move environment / global / ini management into Environment class API Move getTempFolder into TempFolder class API Implement HTTPRequestBuilder / CLIRequestBuilder BUG Restore SS_ALLOWED_HOSTS check in original location API CoreKernel now requires $basePath to be passed in API Refactor installer.php to use application to bootstrap API move memstring conversion globals to Convert BUG Fix error in CoreKernel nesting not un-nesting itself properly. commitbba9791146
Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 19 18:07:53 2017 +1200 API Create HTTPMiddleware and standardise middleware for request handling commit2a10c2397b
Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 19 17:42:42 2017 +1200 Fixed ORM tests commitd75a8d1d93
Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 19 17:15:07 2017 +1200 FIx i18n tests commit06364af3c3
Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 19 16:59:34 2017 +1200 Fix controller namespace Move states to sub namespace commit2a278e2953
Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 19 12:49:45 2017 +1200 Fix forms namespace commitb65c21241b
Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 15 18:56:48 2017 +1200 Update API usages commitd1d4375c95
Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 15 18:41:44 2017 +1200 API Refactor $flush into HTPPApplication API Enforce health check in Controller::pushCurrent() API Better global backup / restore Updated Director::test() to use new API commitb220534f06
Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 22:05:57 2017 +1200 Move app nesting to a test state helper commit603704165c
Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 21:46:04 2017 +1200 Restore kernel stack to fix multi-level nesting commit2f6336a15b
Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 17:23:21 2017 +1200 API Implement kernel nesting commitfc7188da7d
Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 15:43:13 2017 +1200 Fix core tests commita0ae723514
Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 15:23:52 2017 +1200 Fix manifest tests commitca03395251
Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 15:00:00 2017 +1200 API Move extension management into test state commitc66d433977
Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 14:10:59 2017 +1200 API Refactor SapphireTest state management into SapphireTestState API Remove Injector::unregisterAllObjects() API Remove FakeController commitf26ae75c6e
Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 12 18:04:34 2017 +1200 Implement basic CLI application object commit001d559662
Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 12 17:39:38 2017 +1200 Remove references to SapphireTest::is_running_test() Upgrade various code commitde079c041d
Author: Damian Mooyman <damian@silverstripe.com> Date: Wed Jun 7 18:07:33 2017 +1200 API Implement APP object API Refactor of Session
144 lines
6.3 KiB
Markdown
144 lines
6.3 KiB
Markdown
summary: An overview of the steps involved in delivering a SilverStripe web page.
|
|
|
|
# Execution Pipeline
|
|
|
|
## Introduction
|
|
|
|
In order to transform a HTTP request or a commandline exeuction into a response,
|
|
SilverStripe needs to boot its core and run through several stages of processing.
|
|
|
|
## Request Rewriting
|
|
|
|
The first step in most environments is a rewrite of a request path into parameters passed to a PHP script.
|
|
This allows writing friendly URLs instead of linking directly to PHP files.
|
|
The implementation depends on your web server; we'll show you the most common one here:
|
|
Apache with [mod_rewrite](http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html).
|
|
Check our [installation guides](/getting_started/installation) on how other web servers like IIS or nginx handle rewriting.
|
|
|
|
The standard SilverStripe project ships with a `.htaccess` file in your webroot for this purpose.
|
|
By default, requests will be passed through for files existing on the filesystem.
|
|
Some access control is in place to deny access to potentially sensitive files in the webroot, such as YAML configuration files.
|
|
If no file can be directly matched, control is handed off to `framework/main.php`.
|
|
|
|
### SILVERSTRIPE START ###
|
|
|
|
# Deny access to templates (but allow from localhost)
|
|
<Files *.ss>
|
|
Order deny,allow
|
|
Deny from all
|
|
Allow from 127.0.0.1
|
|
</Files>
|
|
|
|
# Deny access to IIS configuration
|
|
<Files web.config>
|
|
Order deny,allow
|
|
Deny from all
|
|
</Files>
|
|
|
|
# Deny access to YAML configuration files which might include sensitive information
|
|
<Files ~ "\.ya?ml$">
|
|
Order allow,deny
|
|
Deny from all
|
|
</Files>
|
|
|
|
# Route errors to static pages automatically generated by SilverStripe
|
|
ErrorDocument 404 /assets/error-404.html
|
|
ErrorDocument 500 /assets/error-500.html
|
|
|
|
<IfModule mod_rewrite.c>
|
|
SetEnv HTTP_MOD_REWRITE On
|
|
RewriteEngine On
|
|
|
|
# Deny access to potentially sensitive files and folders
|
|
RewriteRule ^vendor(/|$) - [F,L,NC]
|
|
RewriteRule silverstripe-cache(/|$) - [F,L,NC]
|
|
RewriteRule composer\.(json|lock) - [F,L,NC]
|
|
|
|
# Process through SilverStripe if no file with the requested name exists.
|
|
# Pass through the original path as a query parameter, and retain the existing parameters.
|
|
RewriteCond %{REQUEST_URI} ^(.*)$
|
|
RewriteCond %{REQUEST_FILENAME} !-f
|
|
RewriteRule .* framework/main.php?url=%1 [QSA]
|
|
|
|
# If requesting the main script directly, rewrite to the installer
|
|
RewriteCond %{REQUEST_URI} ^(.*)/framework/main.php$
|
|
RewriteCond %{REQUEST_FILENAME} !-f
|
|
RewriteRule . %1/install.php? [R,L]
|
|
|
|
</IfModule>
|
|
### SILVERSTRIPE END ###
|
|
|
|
SilverStripe can also operate without this level of rewriting, in which case all dynamic requests go
|
|
through an `index.php` script in the webroot.
|
|
|
|
<div class="notice" markdown="1">
|
|
Running SilverStripe without web server based rewriting is not recommended since it
|
|
can leave sensitive files exposed to public access (the `RewriteRule` conditions from above don't apply).
|
|
</div>
|
|
|
|
## Bootstrap
|
|
|
|
The `constants.php` file is included automatically in any project which requires silverstripe/framework.
|
|
This is included automatically when the composer `vendor/autoload.php` is included, and performs its
|
|
tasks silently in the background.
|
|
|
|
* Tries to locate an `.env`
|
|
[configuration file](/getting_started/environment_management) in the webroot.
|
|
* Sets constants based on the filesystem structure (e.g. `BASE_URL`, `BASE_PATH` and `TEMP_FOLDER`)
|
|
|
|
All requests go through `framework/main.php`, which sets up the core [api:Kernel] and [api:HTTPApplication]
|
|
objects. See [/developer_guides/execution_pipeline/app_object_and_kernel] for details on this.
|
|
The main process follows:
|
|
|
|
|
|
* Include `autoload.php`
|
|
* Construct [api:HTTPRequest] object from environment.
|
|
* Construct a `Kernel` instance
|
|
* Construct a `HTTPApplication` instance
|
|
* Add any necessary middleware to this application
|
|
* Pass the request to the application, and request a response
|
|
|
|
|
|
While you usually don't need to modify the bootstrap on this level, some deeper customizations like
|
|
adding your own manifests or a performance-optimized routing might require it.
|
|
An example of this can be found in the ["staticpublisher" module](https://github.com/silverstripe-labs/silverstripe-staticpublisher/blob/master/main.php).
|
|
The modules instructs web servers to route through its own `main.php` to determine which requests can be cached
|
|
before handing control off to SilverStripe's own `main.php`.
|
|
|
|
## Routing and Request Handling
|
|
|
|
The `main.php` script relies on [api:Director] to work out which [controller](../controllers/) should handle this request. It parses the URL, matching it to one of a number of patterns,
|
|
and determines the controller, action and any argument to be used ([Routing](../controllers/routing)).
|
|
|
|
* Creates a [api:HTTPRequest] object containing all request and environment information
|
|
* The [session](../cookies_and_sessions/sessions) holds an abstraction of PHP session
|
|
* Instantiates a [controller](../controllers/) object
|
|
* The [api:Injector] is first referenced, and asks the registered
|
|
[RequestFilter](../controllers/requestfilters)
|
|
to pre-process the request object (see below)
|
|
* The `Controller` executes the actual business logic and populates an [api:HTTPResponse]
|
|
* The `Controller` can optionally hand off control to further nested controllers
|
|
* The `Controller` optionally renders a response body through `SSViewer` [templates](../templates)
|
|
* The [api:RequestProcessor] is called to post-process the request to allow
|
|
further filtering before content is sent to the end user
|
|
* The response is output to the client
|
|
|
|
## Request Preprocessing and Postprocessing
|
|
|
|
The framework provides the ability to hook into the request both before and
|
|
after it is handled to allow binding custom logic. This can be used
|
|
to transform or filter request data, instantiate helpers, execute global logic,
|
|
or even short-circuit execution (e.g. to enforce custom authentication schemes).
|
|
The ["Request Filters" documentation](../controllers/requestfilters) shows you how.
|
|
|
|
## Flushing Manifests
|
|
|
|
If a `?flush=1` query parameter is added to a URL, a call to `flush()` will be triggered
|
|
on any classes that implement the [Flushable](flushable) interface.
|
|
This enables developers to clear [manifest caches](manifests),
|
|
for example when adding new templates or PHP classes.
|
|
Note that you need to be in [dev mode](/getting_started/environment_management)
|
|
or logged-in as an administrator for flushing to take effect.
|
|
|
|
[CHILDREN]
|