Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 3.11.x will end 14 Nov 2022 (12 months plus 6 months extension).
  • Bug fixes for security issues in 3.11.x will end 13 Nov 2023 (18 months plus 12 months extension).
  • PHP version: minimum PHP 7.3.0 Note: minimum PHP version has increased since Moodle 3.10. PHP 7.4.x is supported too.
/auth/cas/CAS/vendor/apereo/phpcas/source/CAS/ServiceBaseUrl/ -> AllowedListDiscovery.php (source)

[Source view]

Licensed to Jasig under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. Jasig licenses this file to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at:

Author: Henry Pan <git@phy25.com>
License: http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
File Size: 152 lines (5 kb)
Included or required:0 times
Referenced: 0 times
Includes or requires: 0 files

Defines 1 class

CAS_ServiceBaseUrl_AllowedListDiscovery:: (5 methods):
  __construct()
  allow()
  isAllowed()
  discover()
  get()


Class: CAS_ServiceBaseUrl_AllowedListDiscovery  - X-Ref

Class that gets the service base URL of the PHP server by HTTP header
discovery and allowlist check. This is used to generate service URL
and PGT callback URL.

__construct($list)   X-Ref
No description

allow($url)   X-Ref
Add a base URL to the allowed list.

param: $url protocol, host name and port to add to the allowed list
return: void

isAllowed($name)   X-Ref
Check if the server name is allowed by configuration.

param: $name server name to check
return: bool whether the allowed list contains the server name

discover()   X-Ref
Discover the server name through HTTP headers.

We read:
- HTTP header X-Forwarded-Host
- HTTP header X-Forwarded-Server and X-Forwarded-Port
- HTTP header Host and SERVER_PORT
- PHP SERVER_NAME (which can change based on the HTTP server used)

The standard port will be omitted (80 for HTTP, 443 for HTTPS).

return: string the discovered, unsanitized server protocol, hostname and port

get()   X-Ref
Get PHP server base URL.

return: string the server protocol, hostname and port