HTTP Class Technical Documentation (diff)

Difference between revisions for Users / Eo Ny / dev

Version1	Version2	Differences
1	1	== HTTP Class Technical Documentation ==
2	2
	3	{{toc numerate=1}}
3	4	=== Overview ===
4	5
5	6	The ##Http## class (##src/class/http.php##) is a core component of the WackoWiki system responsible for handling HTTP request/response processing, session management, caching, and security features. This class acts as a bridge between the web server and the wiki engine.
…	…	…
23	24	\|\| ##$method## \| string \| Current HTTP method/request type \|\|
24	25	\|#
25	26
26		==== Private Properties ====
27
28
	27	====Private Properties====
	28
	29	#\|
	30	\| Property \| Type \| Description \|
	31	\|\| ##$db## \| object \| Database connection reference \|\|
	32	\|\| ##$tls_mark## \| string \| Cookie name for TLS session marking \|\|
	33	\|\| ##$page## \| string \| Current page name being processed \|\|
	34	\|\| ##$hash## \| string \| SHA1 hash of the page name \|\|
	35	\|\| ##$query## \| string \| Encoded query string \|\|
	36	\|\| ##$lang## \| string \| Current language code \|\|
	37	\|\| ##$file## \| string \| Cache file path \|\|
	38	\|\| ##$caching## \| int \| Flag indicating if page should be cached (0 or 1) \|\|
	39	\|#
	40
	41	----
29	42	=== Constructor ===
30	43
31	44	%%php
…	…	…
99	112
100	113	----
101	114
102		===== ~~##store_cache(): void##~~ =====
	115	=====##store_cache(): void##=====
103	116	Saves the generated page content to cache file.
104	117
105	118	Features:
…	…	…
109	122	- Only executes if caching flag is set and user is anonymous
110	123
111	124	Example:
112		%%~~php~~
	125	%%(hl php)
113	126	// Called at end of page rendering
114	127	$http->store_cache();
115	128	%%
…	…	…
219	232
220	233	==== Security Headers ====
221	234
222		===== ##http_security_headers(): void## =====
223
224
	235	=====##http_security_headers(): void##=====
	236
	237	Sets security-related HTTP headers.
	238
	239	Headers Set:
	240
	241	#\|
	242	\| Header \| Purpose \| Config Key \|
	243	\|\| Content-Security-Policy \| XSS/injection protection \| ##csp## \|\|
	244	\|\| Permissions-Policy \| Control browser features \| ##permissions_policy## \|\|
	245	\|\| Referrer-Policy \| Control referrer information \| ##referrer_policy## \|\|
	246	\|\| Strict-Transport-Security \| Force HTTPS \| Auto (TLS only) \|\|
	247	\|\| X-Frame-Options \| Clickjacking protection \| Hardcoded: ##SAMEORIGIN## \|\|
	248	\|\| X-Content-Type-Options \| MIME sniffing prevention \| Hardcoded: ##nosniff## \|\|
	249	\|#
	250
	251	CSP Configuration Options:
	252	- ##0## - Disabled
	253	- ##1## - Default policy (from ##csp.conf##)
	254	- ##2## - Custom policy (from ##csp_custom.conf##)
	255
	256	Example:
	257	%%php
	258	$http->http_security_headers();
	259	%%
	260
	261	----
225	262	==== HTTP Methods ====
226	263
227	264	===== ##redirect($url, $permanent = false): void## =====
…	…	…
486	523
487	524	----
488	525
489		=== Configuration Dependencies ===
490
491
492
493		=== Constants Used ===
494
495
	526	===Configuration Dependencies===
	527
	528	The class relies on these database configuration settings:
	529
	530	#\|
	531	\| Setting \| Type \| Purpose \|
	532	\|\| ##base_url## \| string \| Wiki's base URL \|\|
	533	\|\| ##tls## \| bool \| Enable HTTPS enforcement \|\|
	534	\|\| ##cache## \| bool \| Enable page caching \|\|
	535	\|\| ##cache_ttl## \| int \| Cache lifetime in seconds \|\|
	536	\|\| ##session_store## \| int \| 1=File, 0=Database \|\|
	537	\|\| ##system_seed_hash## \| string \| Session encryption seed \|\|
	538	\|\| ##cookie_prefix## \| string \| Session cookie prefix \|\|
	539	\|\| ##cookie_path## \| string \| Cookie path \|\|
	540	\|\| ##allow_persistent_cookie## \| bool \| Allow persistent login \|\|
	541	\|\| ##session_length## \| int \| Session lifetime in seconds \|\|
	542	\|\| ##reverse_proxy_addresses## \| string \| Comma/space-separated proxy IPs \|\|
	543	\|\| ##reverse_proxy_header## \| string \| Custom X-Forwarded header \|\|
	544	\|\| ##language## \| string \| Default language code \|\|
	545	\|\| ##multilanguage## \| bool \| Enable language negotiation \|\|
	546	\|\| ##allowed_languages## \| string \| Comma/space-separated allowed langs \|\|
	547	\|\| ##enable_security_headers## \| bool \| Send security headers \|\|
	548	\|\| ##csp## \| int \| CSP setting (0/1/2) \|\|
	549	\|\| ##permissions_policy## \| int \| Permissions-Policy setting (0/1/2) \|\|
	550	\|\| ##referrer_policy## \| int \| Referrer-Policy setting (0-8) \|\|
	551	\|#
	552
	553	----
	554
	555	===Constants Used===
	556
	557	#\|
	558	\| Constant \| Type \| Purpose \|
	559	\|\| ##IN_WACKO## \| bool \| Security check (exit if not defined) \|\|
	560	\|\| ##CHMOD_SAFE## \| int \| File permissions for cache files \|\|
	561	\|\| ##CHMOD_FILE## \| int \| File permissions for config cache \|\|
	562	\|\| ##CACHE_PAGE_DIR## \| string \| Page cache directory \|\|
	563	\|\| ##CACHE_SESSION_DIR## \| string \| Session cache directory \|\|
	564	\|\| ##CACHE_CONFIG_DIR## \| string \| Config cache directory \|\|
	565	\|\| ##CONFIG_DIR## \| string \| Configuration directory \|\|
	566	\|\| ##LANG_DIR## \| string \| Language files directory \|\|
	567	\|\| ##DAYSECS## \| int \| Seconds in a day (86400) \|\|
	568	\|\| ##HTTP_404## \| string \| Path to 404 error page \|\|
	569	\|\| ##HTTP_403## \| string \| Path to 403 error page \|\|
	570	\|#
	571
	572	----
496	573
497	574	=== Workflow Examples ===
498	575
499		==== ~~Example 1: Handling a GET Request~~ ====
500
501		%%~~php~~
	576	====Example 1: Handling a GET Request====
	577
	578	%%(hl php)
502	579	// In main wiki entry point
503	580	$http = new Http($db);
504	581	$http->session(0); // Start session