From 95fe74d57108faea52df0f1f16277a4c4732cbb0 Mon Sep 17 00:00:00 2001
From: catch <git config --global user.email catch@35733.no-reply.drupal.org>
Date: Wed, 11 Mar 2015 08:31:22 +0000
Subject: [PATCH] Issue #2406681 by tstoeckler, hussainweb, alexpott,
ParisLiakos, almaudoh, tadityar: Add an autoload.php in the repo root to
control the autoloader of front controllers
---
.htaccess | 3 ++-
autoload.php | 19 +++++++++++++++++++
composer.json | 6 ++++++
core/authorize.php | 2 +-
core/install.php | 2 +-
core/modules/statistics/statistics.php | 2 +-
core/modules/system/tests/http.php | 2 +-
core/modules/system/tests/https.php | 2 +-
core/rebuild.php | 2 +-
core/scripts/run-tests.sh | 2 +-
index.php | 2 +-
11 files changed, 35 insertions(+), 9 deletions(-)
create mode 100644 autoload.php
diff --git a/.htaccess b/.htaccess
index 7db5d3e57868..479f923b0006 100644
--- a/.htaccess
+++ b/.htaccess
@@ -138,7 +138,8 @@ DirectoryIndex index.php index.html index.htm
# custom modules or to run another PHP application in the same directory.
RewriteCond %{REQUEST_URI} !/core/modules/statistics/statistics.php$
# Deny access to any other PHP files that do not match the rules above.
- RewriteRule "^.+/.*\.php$" - [F]
+ # Specifically, disallow autoload.php from being served directly.
+ RewriteRule "^(.+/.*|autoload)\.php$" - [F]
# Rules to correctly serve gzip compressed CSS and JS files.
# Requires both mod_rewrite and mod_headers to be enabled.
diff --git a/autoload.php b/autoload.php
new file mode 100644
index 000000000000..690e09f8e9bf
--- /dev/null
+++ b/autoload.php
@@ -0,0 +1,19 @@
+<?php
+
+/**
+ * @file
+ * Includes the autoloader created by Composer.
+ *
+ * This file can be edited to change the autoloader if you are managing a
+ * project's dependencies using Composer. If Drupal code requires the
+ * autoloader, it should always be loaded using this file so that projects
+ * using Composer continue to work.
+ *
+ * @see composer.json
+ * @see index.php
+ * @see core/install.php
+ * @see core/rebuild.php
+ * @see core/modules/statistics/statistics.php
+ */
+
+return require_once __DIR__ . '/core/vendor/autoload.php';
diff --git a/composer.json b/composer.json
index 9e870f112088..5bec2ee6f170 100644
--- a/composer.json
+++ b/composer.json
@@ -12,5 +12,11 @@
"config": {
"preferred-install": "dist",
"autoloader-suffix": "Drupal8"
+ },
+ "extra": {
+ "_readme": [
+ "By default Drupal loads the autoloader from ./core/vendor/autoload.php.",
+ "To change the autoloader you can edit ./autoload.php."
+ ]
}
}
diff --git a/core/authorize.php b/core/authorize.php
index dbab02f39adb..0d61004466c5 100644
--- a/core/authorize.php
+++ b/core/authorize.php
@@ -30,7 +30,7 @@
// Change the directory to the Drupal root.
chdir('..');
-$autoloader = require_once __DIR__ . '/vendor/autoload.php';
+$autoloader = require_once 'autoload.php';
/**
* Global flag to identify update.php and authorize.php runs.
diff --git a/core/install.php b/core/install.php
index 3493d4a7702c..08c06e79acf3 100644
--- a/core/install.php
+++ b/core/install.php
@@ -27,6 +27,6 @@
}
// Start the installer.
-$class_loader = require_once __DIR__ . '/vendor/autoload.php';
+$class_loader = require_once 'autoload.php';
require_once __DIR__ . '/includes/install.core.inc';
install_drupal($class_loader);
diff --git a/core/modules/statistics/statistics.php b/core/modules/statistics/statistics.php
index 4d2004646ae6..fe1b9fd72588 100644
--- a/core/modules/statistics/statistics.php
+++ b/core/modules/statistics/statistics.php
@@ -10,7 +10,7 @@
chdir('../../..');
-$autoloader = require_once dirname(dirname(__DIR__)) . '/vendor/autoload.php';
+$autoloader = require_once 'autoload.php';
$kernel = DrupalKernel::createFromRequest(Request::createFromGlobals(), $autoloader, 'prod');
$kernel->boot();
diff --git a/core/modules/system/tests/http.php b/core/modules/system/tests/http.php
index 8c7d556be39f..dfb03667262d 100644
--- a/core/modules/system/tests/http.php
+++ b/core/modules/system/tests/http.php
@@ -10,7 +10,7 @@
chdir('../../../..');
-$autoloader = require_once './core/vendor/autoload.php';
+$autoloader = require_once 'autoload.php';
// Set a global variable to indicate a mock HTTP request.
$is_http_mock = !empty($_SERVER['HTTPS']);
diff --git a/core/modules/system/tests/https.php b/core/modules/system/tests/https.php
index 702184df6270..038b4e640b1b 100644
--- a/core/modules/system/tests/https.php
+++ b/core/modules/system/tests/https.php
@@ -13,7 +13,7 @@
chdir('../../../..');
-$autoloader = require_once './core/vendor/autoload.php';
+$autoloader = require_once 'autoload.php';
// Set a global variable to indicate a mock HTTPS request.
$is_https_mock = empty($_SERVER['HTTPS']);
diff --git a/core/rebuild.php b/core/rebuild.php
index 7ca8af73bf2f..24474d05b461 100644
--- a/core/rebuild.php
+++ b/core/rebuild.php
@@ -20,7 +20,7 @@
// Change the directory to the Drupal root.
chdir('..');
-$autoloader = require_once __DIR__ . '/vendor/autoload.php';
+$autoloader = require_once 'autoload.php';
require_once __DIR__ . '/includes/utility.inc';
$request = Request::createFromGlobals();
diff --git a/core/scripts/run-tests.sh b/core/scripts/run-tests.sh
index 2c13e752d1d9..5da468ba7719 100644
--- a/core/scripts/run-tests.sh
+++ b/core/scripts/run-tests.sh
@@ -15,7 +15,7 @@
use Drupal\simpletest\Form\SimpletestResultsForm;
use Symfony\Component\HttpFoundation\Request;
-$autoloader = require_once __DIR__ . '/../vendor/autoload.php';
+$autoloader = require_once __DIR__ . '/../../autoload.php';
const SIMPLETEST_SCRIPT_COLOR_PASS = 32; // Green.
const SIMPLETEST_SCRIPT_COLOR_FAIL = 31; // Red.
diff --git a/index.php b/index.php
index 867f0e09215a..a44e5c52b4e5 100644
--- a/index.php
+++ b/index.php
@@ -14,7 +14,7 @@
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
-$autoloader = require_once __DIR__ . '/core/vendor/autoload.php';
+$autoloader = require_once 'autoload.php';
try {
--
GitLab