Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message
Log in Register
Home
Packages
Pledge Symfony Routing
Readme

Pledge Symfony Routing Laravel Package

ctors/pledge-symfony-routing

View on GitHub
Deep Wiki
Context7

Symfony pledge/unveil routing support

This bundle adds PHP attributes #[Pledge] and #[Unveil] so you can add these to your routes. It's possible to add these attributes to your route class, or method and it is possible to add multiple of them.

Installing

composer require ctors/pledge-symfony-routing

The bundle requires ext/pledge, which is available as an OpenBSD port and package. See pecl-pledge for installation instructions.

cd /usr/ports/www/pecl-pledge
env FLAVOR="php82" make install

pkg_add pecl82-pledge-2.1.0

Using

#[Unveil('/', 'r')]
#[Unveil('/htdocs/var/log', 'rwc')]
#[Unveil('/htdocs/var/cache', 'rwc')]
class DnsLookupController extends AbstractController
{
    #[Route('/hello', name: 'hello')]
    #[Unveil] // Disallow future unveil calls
    #[Pledge('stdio rpath wpath cpath fattr flock')]
    public function index(): Response
    {
        return $this->render('hello/index.html.twig');
    }
}

If you want to write in an additional directory you can modify it like this:

#[Unveil('/', 'r')]
#[Unveil('/htdocs/var/log', 'rwc')]
#[Unveil('/htdocs/var/cache', 'rwc')]
class DnsLookupController extends AbstractController
{
    #[Route('/hello', name: 'hello')]
    #[Unveil('/htdocs/src/Controller', 'rwc')]
    #[Unveil] // Disallow future unveil calls
    #[Pledge('stdio rpath wpath cpath fattr flock')]
    public function index(): Response
    {
        file_put_contents(__DIR__.'/test', 'ohai');

        return $this->render('hello/index.html.twig');
    }
}

If you want to connect to a MariaDB database over TCP/IP, add the inet pledge:

#[Unveil('/', 'r')]
#[Unveil('/htdocs/var/log', 'rwc')]
#[Unveil('/htdocs/var/cache', 'rwc')]
class DnsLookupController extends AbstractController
{
    public function __construct(
        private UserRepository $userRepository,
    ) {
    }

    #[Route('/hello', name: 'hello')]
    #[Unveil] // Disallow future unveil calls
    #[Pledge('stdio rpath wpath cpath fattr flock inet')]
    public function index(): Response
    {
        return $this->render(
            'hello/index.html.twig',
            [
                'users' => $this->userRepository->findAll(),
            ]
        );
    }
}

See pecl-pledge for configuring this on an FPM pool level.

Notes

Make sure to set PHP-FPM pm.max_requests = 1 so you don't reuse a pledged/unveiled process.

Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
hamzi/corewatch
minionfactory/raw-hydrator
hexters/coinpayment
rjcodes/rjcms
act-training/laravel-permissions-manager
alimarchal/laravel-chart-of-accounts
babenkoivan/elastic-scout-driver
mkwebdesign/filament-watchdog-v5
renatomarinho/laravel-page-speed
zedmagdy/filament-business-hours
renatovdemoura/blade-elements-ui
devgeek/beacon-admin
benjamin-rqt/data-watcher-bundle
atriumphp/atrium
sandermuller/package-boost-laravel
sandermuller/boost-skills
redaxo/core
yusufgenc/filament-api-forge
l3aro/rating-star-for-filament
leek/filament-subtenant-scope