public function TwigSandboxPolicy::checkMethodAllowed
public TwigSandboxPolicy::checkMethodAllowed($obj, $method)
Overrides Twig_Sandbox_SecurityPolicyInterface::checkMethodAllowed
File
- core/lib/Drupal/Core/Template/TwigSandboxPolicy.php, line 79
Class
- TwigSandboxPolicy
- Default sandbox policy for Twig templates.
Namespace
Drupal\Core\TemplateCode
public function checkMethodAllowed($obj, $method) { foreach ($this->whitelisted_classes as $class => $key) { if ($obj instanceof $class) { return TRUE; } } // Return quickly for an exact match of the method name. if (isset($this->whitelisted_methods[$method])) { return TRUE; } // If the method name starts with a whitelisted prefix, allow it. // Note: strpos() is between 3x and 7x faster than preg_match in this case. foreach ($this->whitelisted_prefixes as $prefix) { if (strpos($method, $prefix) === 0) { return TRUE; } } throw new \Twig_Sandbox_SecurityError(sprintf('Calling "%s" method on a "%s" object is not allowed.', $method, get_class($obj))); }
© 2001–2016 by the original authors
Licensed under the GNU General Public License, version 2 and later.
Drupal is a registered trademark of Dries Buytaert.
https://api.drupal.org/api/drupal/core!lib!Drupal!Core!Template!TwigSandboxPolicy.php/function/TwigSandboxPolicy::checkMethodAllowed/8.1.x