vendor/contao/core-bundle/src/Twig/Extension/ContaoExtension.php line 187

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. /*
  6. * This file is part of Contao.
  7. *
  8. * (c) Leo Feyer
  9. *
  10. * @license LGPL-3.0-or-later
  11. */
  13. namespace Contao\CoreBundle\Twig\Extension;
  15. use Contao\BackendTemplateTrait;
  16. use Contao\CoreBundle\InsertTag\ChunkedText;
  17. use Contao\CoreBundle\Twig\Inheritance\DynamicExtendsTokenParser;
  18. use Contao\CoreBundle\Twig\Inheritance\DynamicIncludeTokenParser;
  19. use Contao\CoreBundle\Twig\Interop\ContaoEscaper;
  20. use Contao\CoreBundle\Twig\Interop\ContaoEscaperNodeVisitor;
  21. use Contao\CoreBundle\Twig\Interop\PhpTemplateProxyNode;
  22. use Contao\CoreBundle\Twig\Interop\PhpTemplateProxyNodeVisitor;
  23. use Contao\CoreBundle\Twig\Loader\ContaoFilesystemLoader;
  24. use Contao\CoreBundle\Twig\Runtime\FigureRendererRuntime;
  25. use Contao\CoreBundle\Twig\Runtime\InsertTagRuntime;
  26. use Contao\CoreBundle\Twig\Runtime\LegacyTemplateFunctionsRuntime;
  27. use Contao\CoreBundle\Twig\Runtime\PictureConfigurationRuntime;
  28. use Contao\CoreBundle\Twig\Runtime\SchemaOrgRuntime;
  29. use Contao\FrontendTemplateTrait;
  30. use Contao\Template;
  31. use Symfony\Component\Filesystem\Path;
  32. use Twig\Environment;
  33. use Twig\Extension\AbstractExtension;
  34. use Twig\Extension\CoreExtension;
  35. use Twig\Extension\EscaperExtension;
  36. use Twig\Node\Expression\ConstantExpression;
  37. use Twig\Node\Node;
  38. use Twig\TwigFilter;
  39. use Twig\TwigFunction;
  41. /**
  42. * @experimental
  43. */
  44. final class ContaoExtension extends AbstractExtension
  45. {
  46. private Environment $environment;
  47. private ContaoFilesystemLoader $filesystemLoader;
  48. private array $contaoEscaperFilterRules = [];
  50. public function __construct(Environment $environment, ContaoFilesystemLoader $filesystemLoader)
  51. {
  52. $this->environment = $environment;
  53. $this->filesystemLoader = $filesystemLoader;
  55. $contaoEscaper = new ContaoEscaper();
  57. /** @var EscaperExtension $escaperExtension */
  58. $escaperExtension = $environment->getExtension(EscaperExtension::class);
  60. // Forward compatibility with twig/twig >=3.10.0
  61. if (method_exists($escaperExtension, 'setEnvironment')) {
  62. $escaperExtension->setEnvironment($environment);
  63. }
  65. $escaperExtension->setEscaper('contao_html', [$contaoEscaper, 'escapeHtml']);
  66. $escaperExtension->setEscaper('contao_html_attr', [$contaoEscaper, 'escapeHtmlAttr']);
  68. // Use our escaper on all templates in the "@Contao" and "@Contao_*"
  69. // namespaces, as well as the existing bundle templates we're already
  70. // shipping.
  71. $this->addContaoEscaperRule('%^@Contao(_[a-zA-Z0-9_-]*)?/%');
  72. $this->addContaoEscaperRule('%^@Contao(Core|Installation)/%');
  73. }
  75. /**
  76. * Adds a Contao escaper rule.
  77. *
  78. * If a template name matches any of the defined rules, it will be processed
  79. * with the "contao_html" escaper strategy. Make sure your rule will only
  80. * match templates with input encoded contexts!
  81. */
  82. public function addContaoEscaperRule(string $regularExpression): void
  83. {
  84. if (\in_array($regularExpression, $this->contaoEscaperFilterRules, true)) {
  85. return;
  86. }
  88. $this->contaoEscaperFilterRules[] = $regularExpression;
  89. }
  91. public function getNodeVisitors(): array
  92. {
  93. return [
  94. // Enables the "contao_twig" escaper for Contao templates with
  95. // input encoding
  96. new ContaoEscaperNodeVisitor(
  97. fn () => $this->contaoEscaperFilterRules
  98. ),
  99. // Allows rendering PHP templates with the legacy framework by
  100. // installing proxy nodes
  101. new PhpTemplateProxyNodeVisitor(self::class),
  102. // Triggers PHP deprecations if deprecated constructs are found in
  103. // the parsed templates.
  104. new DeprecationsNodeVisitor(),
  105. ];
  106. }
  108. public function getTokenParsers(): array
  109. {
  110. return [
  111. // Overwrite the parsers for the "extends" and "include" tags to
  112. // additionally support the Contao template hierarchy
  113. new DynamicExtendsTokenParser($this->filesystemLoader),
  114. new DynamicIncludeTokenParser($this->filesystemLoader),
  115. ];
  116. }
  118. public function getFunctions(): array
  119. {
  120. $includeFunctionCallable = $this->getTwigIncludeFunction()->getCallable();
  122. return [
  123. // Overwrite the "include" function to additionally support the
  124. // Contao template hierarchy
  125. new TwigFunction(
  126. 'include',
  127. function (Environment $env, $context, $template, $variables = [], $withContext = true, $ignoreMissing = false, $sandboxed = false /* we need named arguments here */) use ($includeFunctionCallable) {
  128. $args = \func_get_args();
  129. $args[2] = DynamicIncludeTokenParser::adjustTemplateName($template, $this->filesystemLoader);
  131. return $includeFunctionCallable(...$args);
  132. },
  133. ['needs_environment' => true, 'needs_context' => true, 'is_safe' => ['all']]
  134. ),
  135. new TwigFunction(
  136. 'contao_figure',
  137. [FigureRendererRuntime::class, 'render'],
  138. ['is_safe' => ['html']]
  139. ),
  140. new TwigFunction(
  141. 'picture_config',
  142. [PictureConfigurationRuntime::class, 'fromArray']
  143. ),
  144. new TwigFunction(
  145. 'insert_tag',
  146. [InsertTagRuntime::class, 'renderInsertTag'],
  147. ),
  148. new TwigFunction(
  149. 'add_schema_org',
  150. [SchemaOrgRuntime::class, 'add']
  151. ),
  152. new TwigFunction(
  153. 'contao_sections',
  154. [LegacyTemplateFunctionsRuntime::class, 'renderLayoutSections'],
  155. ['needs_context' => true, 'is_safe' => ['html']]
  156. ),
  157. new TwigFunction(
  158. 'contao_section',
  159. [LegacyTemplateFunctionsRuntime::class, 'renderLayoutSection'],
  160. ['needs_context' => true, 'is_safe' => ['html']]
  161. ),
  162. new TwigFunction(
  163. 'render_contao_backend_template',
  164. [LegacyTemplateFunctionsRuntime::class, 'renderContaoBackendTemplate'],
  165. ['is_safe' => ['html']]
  166. ),
  167. ];
  168. }
  170. public function getFilters(): array
  171. {
  172. $escaperFilter = static function (Environment $env, $string, $strategy = 'html', $charset = null, $autoescape = false) {
  173. if ($string instanceof ChunkedText) {
  174. $parts = [];
  176. foreach ($string as [$type, $chunk]) {
  177. if (ChunkedText::TYPE_RAW === $type) {
  178. $parts[] = $chunk;
  179. } else {
  180. $parts[] = twig_escape_filter($env, $chunk, $strategy, $charset);
  181. }
  182. }
  184. return implode('', $parts);
  185. }
  187. return twig_escape_filter($env, $string, $strategy, $charset, $autoescape);
  188. };
  190. $twigEscaperFilterIsSafe = static function (Node $filterArgs): array {
  191. $expression = iterator_to_array($filterArgs)[0] ?? null;
  193. if ($expression instanceof ConstantExpression) {
  194. $value = $expression->getAttribute('value');
  196. // Our escaper strategy variants that tolerate input encoding are
  197. // also safe in the original context (e.g. for the filter argument
  198. // 'contao_html' we will return ['contao_html', 'html']).
  199. if (\in_array($value, ['contao_html', 'contao_html_attr'], true)) {
  200. return [$value, substr($value, 7)];
  201. }
  202. }
  204. return twig_escape_filter_is_safe($filterArgs);
  205. };
  207. return [
  208. // Overwrite the "escape" filter to additionally support chunked
  209. // text and our escaper strategies
  210. new TwigFilter(
  211. 'escape',
  212. $escaperFilter,
  213. ['needs_environment' => true, 'is_safe_callback' => $twigEscaperFilterIsSafe],
  214. ),
  215. new TwigFilter(
  216. 'e',
  217. $escaperFilter,
  218. ['needs_environment' => true, 'is_safe_callback' => $twigEscaperFilterIsSafe],
  219. ),
  220. new TwigFilter(
  221. 'insert_tag',
  222. [InsertTagRuntime::class, 'replaceInsertTags']
  223. ),
  224. new TwigFilter(
  225. 'insert_tag_raw',
  226. [InsertTagRuntime::class, 'replaceInsertTagsChunkedRaw']
  227. ),
  228. ];
  229. }
  231. /**
  232. * @see PhpTemplateProxyNode
  233. * @see PhpTemplateProxyNodeVisitor
  234. *
  235. * @internal
  236. */
  237. public function renderLegacyTemplate(string $name, array $blocks, array $context): string
  238. {
  239. $template = Path::getFilenameWithoutExtension($name);
  241. $partialTemplate = new class($template) extends Template {
  242. use BackendTemplateTrait;
  243. use FrontendTemplateTrait;
  245. public function setBlocks(array $blocks): void
  246. {
  247. $this->arrBlocks = array_map(static fn ($block) => \is_array($block) ? $block : [$block], $blocks);
  248. }
  250. public function parse(): string
  251. {
  252. return $this->inherit();
  253. }
  255. protected function renderTwigSurrogateIfExists(): ?string
  256. {
  257. return null;
  258. }
  259. };
  261. $partialTemplate->setData($context);
  262. $partialTemplate->setBlocks($blocks);
  264. return $partialTemplate->parse();
  265. }
  267. private function getTwigIncludeFunction(): TwigFunction
  268. {
  269. foreach ($this->environment->getExtension(CoreExtension::class)->getFunctions() as $function) {
  270. if ('include' === $function->getName()) {
  271. return $function;
  272. }
  273. }
  275. throw new \RuntimeException(sprintf('The %s class was expected to register the "include" Twig function but did not.', CoreExtension::class));
  276. }
  277. }