src/Storefront/Framework/Routing/ResponseHeaderListener.php line 38

  1. <?php declare(strict_types=1);
  3. namespace Shopware\Storefront\Framework\Routing;
  5. use Shopware\Core\Framework\Log\Package;
  6. use Shopware\Core\PlatformRequest;
  7. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  8. use Symfony\Component\HttpFoundation\Request;
  9. use Symfony\Component\HttpFoundation\Response;
  10. use Symfony\Component\HttpKernel\Event\ResponseEvent;
  12. /**
  13.  * @internal
  14.  */
  15. #[Package('storefront')]
  16. class ResponseHeaderListener implements EventSubscriberInterface
  17. {
  18.     private const REMOVAL_HEADERS = [
  19.         PlatformRequest::HEADER_VERSION_ID,
  20.         PlatformRequest::HEADER_LANGUAGE_ID,
  21.         PlatformRequest::HEADER_CONTEXT_TOKEN,
  22.         'Access-Control-Allow-Origin',
  23.         'Access-Control-Allow-Methods',
  24.         'Access-Control-Allow-Headers',
  25.         'Access-Control-Expose-Headers',
  26.     ];
  28.     /**
  29.      * @return array<string, array{0: string, 1: int}>
  30.      */
  31.     public static function getSubscribedEvents(): array
  32.     {
  33.         return [
  34.             ResponseEvent::class => ['onResponse', -10],
  35.         ];
  36.     }
  38.     public function onResponse(ResponseEvent $event): void
  39.     {
  40.         $response $event->getResponse();
  41.         /** @var list<string> $scopes */
  42.         $scopes $event->getRequest()->attributes->get(PlatformRequest::ATTRIBUTE_ROUTE_SCOPE, []);
  44.         if (!\in_array(StorefrontRouteScope::ID$scopestrue) && !$response instanceof StorefrontResponse) {
  45.             return;
  46.         }
  48.         $this->manipulateStorefrontHeader($event->getRequest(), $response);
  49.     }
  51.     private function manipulateStorefrontHeader(Request $requestResponse $response): void
  52.     {
  53.         $this->removeHeaders($response);
  54.         $this->addNoStoreHeader($request$response);
  55.     }
  57.     private function removeHeaders(Response $response): void
  58.     {
  59.         foreach (self::REMOVAL_HEADERS as $headerKey) {
  60.             $response->headers->remove($headerKey);
  61.         }
  62.     }
  64.     private function addNoStoreHeader(Request $requestResponse $response): void
  65.     {
  66.         if (!$request->attributes->has(PlatformRequest::ATTRIBUTE_NO_STORE)) {
  67.             return;
  68.         }
  70.         $response->setMaxAge(0);
  71.         $response->headers->addCacheControlDirective('no-cache');
  72.         $response->headers->addCacheControlDirective('no-store');
  73.         $response->headers->addCacheControlDirective('must-revalidate');
  74.         $response->setExpires(new \DateTime('@0'));
  75.     }
  76. }