Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit0a9241d

Browse files
committed
[symfony#2953][symfony#2986] Tweaks to firewall hostname
Biggest change is to clarify that matching a firewall has no guarantee (is unrelated)to whether or not access is restricted. Also, fixed up some of the regex.
1 parent14c5382 commit0a9241d

File tree

1 file changed

+14
-6
lines changed

1 file changed

+14
-6
lines changed

‎cookbook/security/host_restriction.rst‎

Lines changed: 14 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,16 +1,17 @@
11
..index::
22
single: Security; Restrict Security Firewalls to a Host
33

4-
How torestrict Firewalls to a Specific Host
4+
How toRestrict Firewalls to a Specific Host
55
============================================
66

77
..versionadded::2.4
88
Support for restricting security firewalls to a specific host was added in
99
Symfony 2.4.
1010

1111
When using the Security component, you can create firewalls that match certain
12-
url patterns and thereby restrict access to all urls matching these patterns.
13-
Additionally, you can restrict a firewall to a host using the ``host`` key:
12+
URL patterns and therefore are activated for all pages whose URL matches
13+
that pattern. Additionally, you can restrict the initialization of a firewall
14+
to a host using the ``host`` key:
1415

1516
..configuration-block::
1617

@@ -24,7 +25,7 @@ Additionally, you can restrict a firewall to a host using the ``host`` key:
2425
firewalls:
2526
secured_area:
2627
pattern:^/
27-
host:admin\.example\.com
28+
host:^admin\.example\.com$
2829
http_basic:true
2930
3031
..code-block::xml
@@ -39,7 +40,7 @@ Additionally, you can restrict a firewall to a host using the ``host`` key:
3940
4041
<config>
4142
<!-- ...-->
42-
<firewallname="secured_area"pattern="^/"host="admin.example.com">
43+
<firewallname="secured_area"pattern="^/"host="^admin\.example\.com$">
4344
<http-basic />
4445
</firewall>
4546
</config>
@@ -55,8 +56,15 @@ Additionally, you can restrict a firewall to a host using the ``host`` key:
5556
'firewalls' => array(
5657
'secured_area' => array(
5758
'pattern' => '^/',
58-
'host' => 'admin.example.com',
59+
'host' => '^admin\.example\.com$',
5960
'http_basic' => true,
6061
),
6162
),
6263
));
64+
65+
The ``host`` (like the ``path``) is a regular expression. In this example,
66+
the firewall will only be activated if the host is equal exactly (due to
67+
the ``^`` and ``$`` regex characters) to the hostname ``admin.example.com``.
68+
If the hostname does not match this pattern, the firewall will not be activated
69+
and subsequent firewalls will have the opportunity to be matched for this
70+
request.

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp