symfony中的Assetic文件在防火墙后面?[英] Assetic files in symfony are behind the firewall?

本文是小编为大家收集整理的关于symfony中的Assetic文件在防火墙后面?的处理/解决方法,可以参考本文帮助大家快速定位并解决问题,中文翻译不准确的可切换到English标签页查看源文。

问题描述

我有一个简单的登录页面,并设置了这样的安全性:

firewalls:
    main:
        pattern: ^/
        form_login:
            provider: fos_userbundle
            csrf_provider: form.csrf_provider
            use_referer: true
            always_use_default_target_path: true
            default_target_path: /
        logout:       true
        anonymous:    true

access_control:
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/, role: ROLE_ADMIN }

和我的base.html.twig文件我有

{% stylesheets '@BrStgCcBundle/Resources/public/css/bootstrap.css' %}
    <link rel="stylesheet" href="{{ asset_url }}" />
{% endstylesheets %}

,只有在我在应用程序中授权的情况下,只有这些文件才能起作用.因此,登录后,系统找到了此资产,但是在没有之前,当我通过Assetic遵循生成的链接之前,我将重定向到登录页面.

在视图中,链接看起来像这样:

<link rel="stylesheet" href="/app_dev.php/css/026adfc_bootstrap_1.css" />

在驱动器上存在此文件,当记录时调用时,请在未记录时显示正确的CSS,将其重定向到登录页面.

推荐答案

这是正常的.您说的是,root dir(模式: ^/)下的所有内容都位于主防火墙后面,要访问这些文件,您需要作为管理员(路径: ^/,cool_admin).因此,您需要设置另一个规则,并说可以匿名访问CSS目录:

- { path: ^/css, role: IS_AUTHENTICATED_ANONYMOUSLY }

其他推荐答案

还发现,如果添加到security.yml:

firewalls:
    dev:
        pattern:    ^/(_profiler|_wdt|css|js|assets)
        security:   false

本文地址:https://www.itbaoku.cn/post/2090784.html

问题描述

I have simple login page and security set up like this:

firewalls:
    main:
        pattern: ^/
        form_login:
            provider: fos_userbundle
            csrf_provider: form.csrf_provider
            use_referer: true
            always_use_default_target_path: true
            default_target_path: /
        logout:       true
        anonymous:    true

access_control:
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/, role: ROLE_ADMIN }

And in my base.html.twig file I have

{% stylesheets '@BrStgCcBundle/Resources/public/css/bootstrap.css' %}
    <link rel="stylesheet" href="{{ asset_url }}" />
{% endstylesheets %}

And including those file works only if I'm authorized in app. So after login the system finds this asset, but before not it does not, and when I follow generated link by assetic I'm redirected to login page.

In view the link looks like this:

<link rel="stylesheet" href="/app_dev.php/css/026adfc_bootstrap_1.css" />

This file existin on drive, and when called when logged shows proper CSS when not logged it redirects me to login page.

推荐答案

This is normal. You are saying that everything under the root dir (pattern: ^/) is behind the main firewall and that to access these files you need to be an admin (path: ^/, role: ROLE_ADMIN). So you need to set another rule and say that the css directory can be accessed anonymously:

- { path: ^/css, role: IS_AUTHENTICATED_ANONYMOUSLY }

其他推荐答案

Also I've found that this helps if added to security.yml:

firewalls:
    dev:
        pattern:    ^/(_profiler|_wdt|css|js|assets)
        security:   false