Merge pull request #2730 from omniError/ticket/12831

[ticket/12831] Allow events in page_header functions to prevent the setting of HTTP headers
2025-06-28 06:08:52 +00:00 · 2014-08-10 15:05:28 +02:00 · 2014-08-10 15:05:28 +02:00 · 472fe9fe60
commit 472fe9fe60
parent 547c8a6d8b 71d39ab7d5
2 changed files with 42 additions and 16 deletions
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@ -5041,6 +5041,20 @@ function page_header($page_title = '', $display_online_list = false, $item_id =
 		'SITE_LOGO_IMG'			=> $user->img('site_logo'),
 	));

+	// An array of http headers that phpbb will set. The following event may override these.
+	$http_headers = array(
+		// application/xhtml+xml not used because of IE
+		'Content-type' => 'text/html; charset=UTF-8',
+		'Cache-Control' => 'private, no-cache="set-cookie"',
+		'Expires' => '0',
+		'Pragma' => 'no-cache',
+	);
+	if (!empty($user->data['is_bot']))
+	{
+		// Let reverse proxies know we detected a bot.
+		$http_headers['X-PHPBB-IS-BOT'] = 'yes';
+	}
+
 	/**
 	* Execute code and/or overwrite _common_ template variables after they have been assigned.
 	*
@ -5051,23 +5065,16 @@ function page_header($page_title = '', $display_online_list = false, $item_id =
 	*									session item, e.g. forum for
 	*									session_forum_id
 	* @var	int		item_id				Restrict online users to item id
+	* @var	array		http_headers			HTTP headers that should be set by phpbb
 	*
 	* @since 3.1.0-b3
 	*/
-	$vars = array('page_title', 'display_online_list', 'item_id', 'item');
+	$vars = array('page_title', 'display_online_list', 'item_id', 'item', 'http_headers');
 	extract($phpbb_dispatcher->trigger_event('core.page_header_after', compact($vars)));

-	// application/xhtml+xml not used because of IE
-	header('Content-type: text/html; charset=UTF-8');
-
-	header('Cache-Control: private, no-cache="set-cookie"');
-	header('Expires: 0');
-	header('Pragma: no-cache');
-
-	if (!empty($user->data['is_bot']))
+	foreach ($http_headers as $hname => $hval)
 	{
-		// Let reverse proxies know we detected a bot.
-		header('X-PHPBB-IS-BOT: yes');
+		header((string) $hname . ': ' . (string) $hval);
 	}

 	return;
--- a/phpBB/includes/functions_acp.php
+++ b/phpBB/includes/functions_acp.php
@ -107,12 +107,31 @@ function adm_page_header($page_title)
 		'S_CONTENT_FLOW_END'	=> ($user->lang['DIRECTION'] == 'ltr') ? 'right' : 'left',
 	));

-	// application/xhtml+xml not used because of IE
-	header('Content-type: text/html; charset=UTF-8');
+	// An array of http headers that phpbb will set. The following event may override these.
+	$http_headers = array(
+		// application/xhtml+xml not used because of IE
+		'Content-type' => 'text/html; charset=UTF-8',
+		'Cache-Control' => 'private, no-cache="set-cookie"',
+		'Expires' => '0',
+		'Pragma' => 'no-cache',
+	);

-	header('Cache-Control: private, no-cache="set-cookie"');
-	header('Expires: 0');
-	header('Pragma: no-cache');
+	/**
+	* Execute code and/or overwrite _common_ template variables after they have been assigned.
+	*
+	* @event core.adm_page_header_after
+	* @var	string	page_title			Page title
+	* @var	array	http_headers			HTTP headers that should be set by phpbb
+	*
+	* @since 3.1.0-RC3
+	*/
+	$vars = array('page_title', 'http_headers');
+	extract($phpbb_dispatcher->trigger_event('core.adm_page_header_after', compact($vars)));
+
+	foreach ($http_headers as $hname => $hval)
+	{
+		header((string) $hname . ': ' . (string) $hval);
+	}

 	return;
 }