stackoom
  简体   繁体   中英

symfony2 access control on assets

 原文  2016-02-08 11:53:01       symfony

Question

For some reason ( AngularJS top secret js files ) I need to put behind a firewall my resources. But I don't know how to setup that the symfony way. I already tried to set a access_control on /web/myresources.js but the kernel does not handle it.

I'd like to do something like this : 

- { path: ^/assets/admin/, role: ROLE_ADMIN }

To protect, for example : "/assets/admin/js/app.js".

Any ideas ? Thank you.

EDIT : I created a bundle to achieve that. It is not documented yet, but here is the repo :

https://github.com/NathanVss/resources-firewall-bundle

1 answers

solution1
 0  2016-02-08 13:31:38

Symfony firewall can only work on URIs managed by Symfony. Assets are static files and are not routed through Symfony.

Use web server config to protect such routes. For instance, by protecting directory index listings in Apache:

Create a .htaccess file with the following: 

 Options -Indexes

Or by disabling autoindex in nginx : 

 Syntax: autoindex on | off; Default: autoindex off; Context: http, server, location

Enables or disables the directory listing output.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Symfony2 - Access control Symfony2 access control not working Symfony2 Access Control/Security Symfony2 access control with routes Assets in Symfony2 Symfony2 problems with assets Symfony2 assets are not shown Assets in JavaScript - Symfony2 Symfony2 bringing in assets Symfony2 access control redirects to login
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM