TwigSandboxPolicy::checkMethodAllowed

public TwigSandboxPolicy::checkMethodAllowed($obj, $method)

Overrides Twig_Sandbox_SecurityPolicyInterface::checkMethodAllowed

File

core/lib/Drupal/Core/Template/TwigSandboxPolicy.php, line 79

Class

TwigSandboxPolicy: Default sandbox policy for Twig templates.

Namespace

Drupal\Core\Template

Code

public function checkMethodAllowed($obj, $method) {
  foreach ($this->whitelisted_classes as $class => $key) {
    if ($obj instanceof $class) {
      return TRUE;
    }
  }

  // Return quickly for an exact match of the method name.
  if (isset($this->whitelisted_methods[$method])) {
    return TRUE;
  }

  // If the method name starts with a whitelisted prefix, allow it.
  // Note: strpos() is between 3x and 7x faster than preg_match in this case.
  foreach ($this->whitelisted_prefixes as $prefix) {
    if (strpos($method, $prefix) === 0) {
      return TRUE;
    }
  }

  throw new \Twig_Sandbox_SecurityError(sprintf('Calling "%s" method on a "%s" object is not allowed.', $method, get_class($obj)));
}

Links:

https://api.drupal.org/api/drupal/core%21lib%21Drupal%21Core%21Template%21TwigSandboxPolicy.php/function/TwigSandboxPolicy%3A%3AcheckMethodAllowed/8.2.x

doc_Drupal

2025-01-10 15:47:30

Comments