symfony posts

Symfony console: Freeing up default short options

I like Symfony’s console component, and use it for much of my command line scripting these days. One thing I dislike is that it takes use of some short option characters for itself. The built in handling of verbosity with -v is nice and is fairly common in the CLI world, but some, like -h and -n, are more varied in use and would be desirable to have for various purposes in my own commands. I decided to remove these defaults in my own console app recently, and will describe how to do so.

Continue reading post "Symfony console: Freeing up default short options"

Symfony router: check for match on different host

I found myself wanting to check if a given URL path exists on another host of a multi-host Symfony application from within a controller action. The router service, which is the instance of Symfony’s routing component used to route requests to actions, has a match() method, but it only accepts the path part of the URL. It also has a matchRequest() method, but that seems to ignore the HTTP_HOST and SERVER_NAME of the passed Request object.

Continue reading post "Symfony router: check for match on different host"

Struggling to figure out why every response from my Symfony application is showing up in the log files as a ‘200’ status. I thought it was related to this and this, since I’m running under FastCGI on Dreamhost, but attempting to set a Status header didn’t help. Setting a regular response header in a plain PHP file does work, in fact. If I use ‘mod_rewrite’ to write another URL to load that same plain file, however, the status shows as ‘200’, so it must have something to do with ‘mod_rewrite’. Must get to bed though, so I will have to try another day.

Continue reading post "#940"

Security HTTP Headers

I’ve been working on the HTTP headers my site sends recently. I had been working on performance / cache related headers, but after seeing mention of a security header scanner built by Scott Helme, I decided to spend a little time implementing security related headers on my site. I don’t really know these headers that well, so I added the headers it suggested and mostly went with the recommended values. I did read up a bit on what they mean though and modified the Content-Security-Policy as I saw fit.

I added most of the headers using a Symfony reponse event listener. This handles all of my HTML responses without sending the headers for other responses, where they aren’t necessary. The exception is the X-Content-Type-Options, which should be set for all responses. I set that in Apache configuration.

Continue reading post "Security HTTP Headers"

#Page top