symfony中的资产文件位于防火墙后面吗? [英] Assetic files in symfony are behind the firewall?

问题描述

我有一个简单的登录页面，并设置了这样的安全性:

I have simple login page and security set up like this:

firewalls:
    main:
        pattern: ^/
        form_login:
            provider: fos_userbundle
            csrf_provider: form.csrf_provider
            use_referer: true
            always_use_default_target_path: true
            default_target_path: /
        logout:       true
        anonymous:    true

access_control:
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/, role: ROLE_ADMIN }

在我的base.html.twig文件中，

And in my base.html.twig file I have

{% stylesheets '@BrStgCcBundle/Resources/public/css/bootstrap.css' %}
    <link rel="stylesheet" href="{{ asset_url }}" />
{% endstylesheets %}

仅当我在应用程序中获得授权时，包含这些文件才有效.因此，登录后系统会找到该资产，但在此之前找不到它，并且当我按资产跟踪生成的链接时，我将被重定向到登录页面.

And including those file works only if I'm authorized in app. So after login the system finds this asset, but before not it does not, and when I follow generated link by assetic I'm redirected to login page.

在视图中，链接看起来像这样:

In view the link looks like this:

<link rel="stylesheet" href="/app_dev.php/css/026adfc_bootstrap_1.css" />

此文件存在于驱动器中，并且在登录时被调用时，未登录时显示正确的CSS，它将我重定向到登录页面.

This file existin on drive, and when called when logged shows proper CSS when not logged it redirects me to login page.

推荐答案

这很正常.您是说根目录下的所有内容(模式:^/)都位于主防火墙之后，要访问这些文件，您需要成为管理员(路径:^/，角色:ROLE_ADMIN).因此，您需要设置另一个规则，并说可以匿名访问css目录:

This is normal. You are saying that everything under the root dir (pattern: ^/) is behind the main firewall and that to access these files you need to be an admin (path: ^/, role: ROLE_ADMIN). So you need to set another rule and say that the css directory can be accessed anonymously:

- { path: ^/css, role: IS_AUTHENTICATED_ANONYMOUSLY }

这篇关于symfony中的资产文件位于防火墙后面吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！