symfony中的资产文件位于防火墙后面吗? [英] Assetic files in symfony are behind the firewall?
问题描述
我有一个简单的登录页面,并设置了这样的安全性:
I have simple login page and security set up like this:
firewalls:
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_provider: form.csrf_provider
use_referer: true
always_use_default_target_path: true
default_target_path: /
logout: true
anonymous: true
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, role: ROLE_ADMIN }
在我的base.html.twig文件中,
And in my base.html.twig file I have
{% stylesheets '@BrStgCcBundle/Resources/public/css/bootstrap.css' %}
<link rel="stylesheet" href="{{ asset_url }}" />
{% endstylesheets %}
仅当我在应用程序中获得授权时,包含这些文件才有效.因此,登录后系统会找到该资产,但在此之前找不到它,并且当我按资产跟踪生成的链接时,我将被重定向到登录页面.
And including those file works only if I'm authorized in app. So after login the system finds this asset, but before not it does not, and when I follow generated link by assetic I'm redirected to login page.
在视图中,链接看起来像这样:
In view the link looks like this:
<link rel="stylesheet" href="/app_dev.php/css/026adfc_bootstrap_1.css" />
此文件存在于驱动器中,并且在登录时被调用时,未登录时显示正确的CSS,它将我重定向到登录页面.
This file existin on drive, and when called when logged shows proper CSS when not logged it redirects me to login page.
推荐答案
这很正常.您是说根目录下的所有内容(模式:^/)都位于主防火墙之后,要访问这些文件,您需要成为管理员(路径:^/,角色:ROLE_ADMIN).因此,您需要设置另一个规则,并说可以匿名访问css目录:
This is normal. You are saying that everything under the root dir (pattern: ^/) is behind the main firewall and that to access these files you need to be an admin (path: ^/, role: ROLE_ADMIN). So you need to set another rule and say that the css directory can be accessed anonymously:
- { path: ^/css, role: IS_AUTHENTICATED_ANONYMOUSLY }
这篇关于symfony中的资产文件位于防火墙后面吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!