ImageStyleDownloadController::deliver

public ImageStyleDownloadController::deliver(Request $request, $scheme, ImageStyleInterface $image_style)

Generates a derivative, given a style and image path.

After generating an image, transfer it to the requesting agent.

Parameters

\Symfony\Component\HttpFoundation\Request $request: The request object.

string $scheme: The file scheme, defaults to 'private'.

\Drupal\image\ImageStyleInterface $image_style: The image style to deliver.

Return value

\Symfony\Component\HttpFoundation\BinaryFileResponse|\Symfony\Component\HttpFoundation\Response The transferred file as response or some error response.

Throws

\Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException Thrown when the user does not have access to the file.

\Symfony\Component\HttpKernel\Exception\ServiceUnavailableHttpException Thrown when the file is still being generated.

File

core/modules/image/src/Controller/ImageStyleDownloadController.php, line 87

Class

ImageStyleDownloadController: Defines a controller to serve image styles.

Namespace

Drupal\image\Controller

Code

public function deliver(Request $request, $scheme, ImageStyleInterface $image_style) {
  $target = $request->query->get('file');
  $image_uri = $scheme . '://' . $target;
 
  // Check that the style is defined, the scheme is valid, and the image
  // derivative token is valid. Sites which require image derivatives to be
  // generated without a token can set the
  // 'image.settings:allow_insecure_derivatives' configuration to TRUE to
  // bypass the latter check, but this will increase the site's vulnerability
  // to denial-of-service attacks. To prevent this variable from leaving the
  // site vulnerable to the most serious attacks, a token is always required
  // when a derivative of a style is requested.
  // The $target variable for a derivative of a style has
  // styles/<style_name>/... as structure, so we check if the $target variable
  // starts with styles/.
  $valid = !empty($image_style) && file_stream_wrapper_valid_scheme($scheme);
  if (!$this->config('image.settings')->get('allow_insecure_derivatives') || strpos(ltrim($target, '\/'), 'styles/') === 0) {
    $valid &= $request->query->get(IMAGE_DERIVATIVE_TOKEN) === $image_style->getPathToken($image_uri);
  }
  if (!$valid) {
    throw new AccessDeniedHttpException();
  }
 
  $derivative_uri = $image_style->buildUri($image_uri);
  $headers = array();
 
  // If using the private scheme, let other modules provide headers and
  // control access to the file.
  if ($scheme == 'private') {
    $headers = $this->moduleHandler()->invokeAll('file_download', array($image_uri));
    if (in_array(-1, $headers) || empty($headers)) {
      throw new AccessDeniedHttpException();
    }
  }
 
  // Don't try to generate file if source is missing.
  if (!file_exists($image_uri)) {
    // If the image style converted the extension, it has been added to the
    // original file, resulting in filenames like image.png.jpeg. So to find
    // the actual source image, we remove the extension and check if that
    // image exists.
    $path_info = pathinfo($image_uri);
    $converted_image_uri = $path_info['dirname'] . DIRECTORY_SEPARATOR . $path_info['filename'];
    if (!file_exists($converted_image_uri)) {
      $this->logger->notice('Source image at %source_image_path not found while trying to generate derivative image at %derivative_path.', array('%source_image_path' => $image_uri, '%derivative_path' => $derivative_uri));
      return new Response($this->t('Error generating image, missing source file.'), 404);
    }
    else {
      // The converted file does exist, use it as the source.
      $image_uri = $converted_image_uri;
    }
  }
 
  // Don't start generating the image if the derivative already exists or if
  // generation is in progress in another thread.
  if (!file_exists($derivative_uri)) {
    $lock_name = 'image_style_deliver:' . $image_style->id() . ':' . Crypt::hashBase64($image_uri);
    $lock_acquired = $this->lock->acquire($lock_name);
    if (!$lock_acquired) {
      // Tell client to retry again in 3 seconds. Currently no browsers are
      // known to support Retry-After.
      throw new ServiceUnavailableHttpException(3, $this->t('Image generation in progress. Try again shortly.'));
    }
  }
 
  // Try to generate the image, unless another thread just did it while we
  // were acquiring the lock.
  $success = file_exists($derivative_uri) || $image_style->createDerivative($image_uri, $derivative_uri);
 
  if (!empty($lock_acquired)) {
    $this->lock->release($lock_name);
  }
 
  if ($success) {
    $image = $this->imageFactory->get($derivative_uri);
    $uri = $image->getSource();
    $headers += array(
      'Content-Type' => $image->getMimeType(),
      'Content-Length' => $image->getFileSize(),
    );
    // \Drupal\Core\EventSubscriber\FinishResponseSubscriber::onRespond()
    // sets response as not cacheable if the Cache-Control header is not
    // already modified. We pass in FALSE for non-private schemes for the
    // $public parameter to make sure we don't change the headers.
    return new BinaryFileResponse($uri, 200, $headers, $scheme !== 'private');
  }
  else {
    $this->logger->notice('Unable to generate the derived image located at %path.', array('%path' => $derivative_uri));
    return new Response($this->t('Error generating image.'), 500);
  }
}

Links:

https://api.drupal.org/api/drupal/core%21modules%21image%21src%21Controller%21ImageStyleDownloadController.php/function/ImageStyleDownloadController%3A%3Adeliver/8.2.x

doc_Drupal

2025-01-10 15:47:30

Comments