HTTP Class Technical Documentation (diff)

Difference between revisions for Users / Eo Ny / dev

Version1		Version2
1	== HTTP Class Technical Documentation ==	1	== HTTP Class Technical Documentation ==
2		2
		3	{{toc numerate=1}}
3	=== Overview ===	4	=== Overview ===
4		5
5	The ##Http## class (##src/class/http.php##) is a core component of the WackoWiki system responsible for handling HTTP request/response processing, session management, caching, and security features. This class acts as a bridge between the web server and the wiki engine.	6	The ##Http## class (##src/class/http.php##) is a core component of the WackoWiki system responsible for handling HTTP request/response processing, session management, caching, and security features. This class acts as a bridge between the web server and the wiki engine.
…	…	…	…
111		112
112	----	113	----
113		114
114	===== ~~##store_cache(): void##~~ =====	115	=====##store_cache(): void##=====
115	Saves the generated page content to cache file.	116	Saves the generated page content to cache file.
116		117
117	Features:	118	Features:
…	…	…	…
121	- Only executes if caching flag is set and user is anonymous	122	- Only executes if caching flag is set and user is anonymous
122		123
123	Example:	124	Example:
124	%%~~php~~	125	%%(hl php)
125	// Called at end of page rendering	126	// Called at end of page rendering
126	$http->store_cache();	127	$http->store_cache();
127	%%	128	%%
…	…	…	…
231		232
232	==== Security Headers ====	233	==== Security Headers ====
233		234
234	===== ##http_security_headers(): void## =====	235	=====##http_security_headers(): void##=====
235		236
236		237	Sets security-related HTTP headers.
		238
		239	Headers Set:
		240
		241	#\|
		242	\| Header \| Purpose \| Config Key \|
		243	\|\| Content-Security-Policy \| XSS/injection protection \| ##csp## \|\|
		244	\|\| Permissions-Policy \| Control browser features \| ##permissions_policy## \|\|
		245	\|\| Referrer-Policy \| Control referrer information \| ##referrer_policy## \|\|
		246	\|\| Strict-Transport-Security \| Force HTTPS \| Auto (TLS only) \|\|
		247	\|\| X-Frame-Options \| Clickjacking protection \| Hardcoded: ##SAMEORIGIN## \|\|
		248	\|\| X-Content-Type-Options \| MIME sniffing prevention \| Hardcoded: ##nosniff## \|\|
		249	\|#
		250
		251	CSP Configuration Options:
		252	- ##0## - Disabled
		253	- ##1## - Default policy (from ##csp.conf##)
		254	- ##2## - Custom policy (from ##csp_custom.conf##)
		255
		256	Example:
		257	%%php
		258	$http->http_security_headers();
		259	%%
		260
		261	----
237	==== HTTP Methods ====	262	==== HTTP Methods ====
238		263
239	===== ##redirect($url, $permanent = false): void## =====	264	===== ##redirect($url, $permanent = false): void## =====
…	…	…	…
498		523
499	----	524	----
500		525
501	=== Configuration Dependencies ===	526	===Configuration Dependencies===
502		527
503		528	The class relies on these database configuration settings:
504		529
505	=== Constants Used ===	530	#\|
506		531	\| Setting \| Type \| Purpose \|
507		532	\|\| ##base_url## \| string \| Wiki's base URL \|\|
		533	\|\| ##tls## \| bool \| Enable HTTPS enforcement \|\|
		534	\|\| ##cache## \| bool \| Enable page caching \|\|
		535	\|\| ##cache_ttl## \| int \| Cache lifetime in seconds \|\|
		536	\|\| ##session_store## \| int \| 1=File, 0=Database \|\|
		537	\|\| ##system_seed_hash## \| string \| Session encryption seed \|\|
		538	\|\| ##cookie_prefix## \| string \| Session cookie prefix \|\|
		539	\|\| ##cookie_path## \| string \| Cookie path \|\|
		540	\|\| ##allow_persistent_cookie## \| bool \| Allow persistent login \|\|
		541	\|\| ##session_length## \| int \| Session lifetime in seconds \|\|
		542	\|\| ##reverse_proxy_addresses## \| string \| Comma/space-separated proxy IPs \|\|
		543	\|\| ##reverse_proxy_header## \| string \| Custom X-Forwarded header \|\|
		544	\|\| ##language## \| string \| Default language code \|\|
		545	\|\| ##multilanguage## \| bool \| Enable language negotiation \|\|
		546	\|\| ##allowed_languages## \| string \| Comma/space-separated allowed langs \|\|
		547	\|\| ##enable_security_headers## \| bool \| Send security headers \|\|
		548	\|\| ##csp## \| int \| CSP setting (0/1/2) \|\|
		549	\|\| ##permissions_policy## \| int \| Permissions-Policy setting (0/1/2) \|\|
		550	\|\| ##referrer_policy## \| int \| Referrer-Policy setting (0-8) \|\|
		551	\|#
		552
		553	----
		554
		555	===Constants Used===
		556
		557	#\|
		558	\| Constant \| Type \| Purpose \|
		559	\|\| ##IN_WACKO## \| bool \| Security check (exit if not defined) \|\|
		560	\|\| ##CHMOD_SAFE## \| int \| File permissions for cache files \|\|
		561	\|\| ##CHMOD_FILE## \| int \| File permissions for config cache \|\|
		562	\|\| ##CACHE_PAGE_DIR## \| string \| Page cache directory \|\|
		563	\|\| ##CACHE_SESSION_DIR## \| string \| Session cache directory \|\|
		564	\|\| ##CACHE_CONFIG_DIR## \| string \| Config cache directory \|\|
		565	\|\| ##CONFIG_DIR## \| string \| Configuration directory \|\|
		566	\|\| ##LANG_DIR## \| string \| Language files directory \|\|
		567	\|\| ##DAYSECS## \| int \| Seconds in a day (86400) \|\|
		568	\|\| ##HTTP_404## \| string \| Path to 404 error page \|\|
		569	\|\| ##HTTP_403## \| string \| Path to 403 error page \|\|
		570	\|#
		571
		572	----
508		573
509	=== Workflow Examples ===	574	=== Workflow Examples ===
510		575
511	==== ~~Example 1: Handling a GET Request~~ ====	576	====Example 1: Handling a GET Request====
512		577
513	%%~~php~~	578	%%(hl php)
514	// In main wiki entry point	579	// In main wiki entry point
515	$http = new Http($db);	580	$http = new Http($db);
516	$http->session(0); // Start session	581	$http->session(0); // Start session