core/PlatformRequest.php at trunk · shopware/core · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
<?php declare(strict_types=1);

namespace Shopware\Core;

use Shopware\Core\Framework\Log\Package;

#[Package('framework')]
final class PlatformRequest
{
    /**
     * Response Headers
     */
    public const HEADER_FRAME_OPTIONS = 'x-frame-options';

    /**
     * Context headers
     */
    public const HEADER_CONTEXT_TOKEN = 'sw-context-token';
    public const HEADER_ACCESS_KEY = 'sw-access-key';
    public const HEADER_LANGUAGE_ID = 'sw-language-id';
    public const HEADER_CURRENCY_ID = 'sw-currency-id';
    public const HEADER_INHERITANCE = 'sw-inheritance';
    public const HEADER_VERSION_ID = 'sw-version-id';
    public const HEADER_INCLUDE_SEO_URLS = 'sw-include-seo-urls';
    public const HEADER_INCLUDE_SEARCH_INFO = 'sw-include-search-info';
    public const HEADER_SKIP_TRIGGER_FLOW = 'sw-skip-trigger-flow';
    public const HEADER_APP_INTEGRATION_ID = 'sw-app-integration-id';
    public const HEADER_APP_USER_ID = 'sw-app-user-id';
    public const HEADER_INDEXING_BEHAVIOR = 'indexing-behavior';
    public const HEADER_INDEXING_SKIP = 'indexing-skip';
    public const HEADER_INDEXING_ONLY = 'indexing-only';
    public const HEADER_FORCE_CACHE_INVALIDATE = 'sw-force-cache-invalidate';

    public const HEADER_MEASUREMENT_WEIGHT_UNIT = 'sw-measurement-weight-unit';

    public const HEADER_MEASUREMENT_LENGTH_UNIT = 'sw-measurement-length-unit';

    /**
     * API Expectation headers to check requirements are fulfilled
     */
    public const HEADER_EXPECT_PACKAGES = 'sw-expect-packages';

    /**
     * Context hash header used for cache differentiation on user-independent routes
     *
     * The hash is used to differentiate cache entries for the same route when the context
     * changes (e.g., different language, currency, or rules). This ensures that
     * user-independent routes like product listings, category pages, and search results
     * are properly cached per context variation while maintaining cache efficiency.
     *
     * The header is automatically added to Store API responses and included in the Vary
     * header together with HEADER_LANGUAGE_ID and HEADER_CURRENCY_ID to ensure proper
     * cache separation by reverse proxies and CDNs.
     *
     * Header has to be included in every request to ensure cache hits.
     *
     * @deprecated tag:v6.8.0 - Will be removed, use HttpCacheKeyGenerator::CONTEXT_CACHE_COOKIE instead
     */
    public const HEADER_CONTEXT_HASH = 'sw-context-hash';

    /**
     * Context attributes
     */
    public const ATTRIBUTE_CONTEXT_OBJECT = 'sw-context';
    public const ATTRIBUTE_SALES_CHANNEL_CONTEXT_OBJECT = 'sw-sales-channel-context';
    public const ATTRIBUTE_SALES_CHANNEL_ID = 'sw-sales-channel-id';
    public const ATTRIBUTE_IMITATING_USER_ID = 'sw-imitating-user-id';

    public const ATTRIBUTE_ACL = '_acl';
    public const ATTRIBUTE_CAPTCHA = '_captcha';
    public const ATTRIBUTE_ROUTE_SCOPE = '_routeScope';
    public const ATTRIBUTE_ENTITY = '_entity';
    public const ATTRIBUTE_NO_STORE = '_noStore';
    public const ATTRIBUTE_HTTP_CACHE = '_httpCache';
    public const ATTRIBUTE_CONTEXT_TOKEN_REQUIRED = '_contextTokenRequired';
    public const ATTRIBUTE_LOGIN_REQUIRED = '_loginRequired';
    public const ATTRIBUTE_LOGIN_REQUIRED_ALLOW_GUEST = '_loginRequiredAllowGuest';
    public const ATTRIBUTE_IS_ALLOWED_IN_MAINTENANCE = 'allow_maintenance';

    public const ATTRIBUTE_INTERNAL_ROUTE_PARAMS = [
        self::ATTRIBUTE_CAPTCHA,
        self::ATTRIBUTE_ROUTE_SCOPE,
        self::ATTRIBUTE_ENTITY,
        self::ATTRIBUTE_NO_STORE,
        self::ATTRIBUTE_HTTP_CACHE,
        self::ATTRIBUTE_CONTEXT_TOKEN_REQUIRED,
        self::ATTRIBUTE_LOGIN_REQUIRED,
        self::ATTRIBUTE_LOGIN_REQUIRED_ALLOW_GUEST,
        self::ATTRIBUTE_IS_ALLOWED_IN_MAINTENANCE,
    ];

    /**
     * CSP
     */
    public const ATTRIBUTE_CSP_NONCE = '_cspNonce';

    /**
     * OAuth attributes
     */
    public const ATTRIBUTE_OAUTH_ACCESS_TOKEN_ID = 'oauth_access_token_id';
    public const ATTRIBUTE_OAUTH_CLIENT_ID = 'oauth_client_id';
    public const ATTRIBUTE_OAUTH_USER_ID = 'oauth_user_id';
    public const ATTRIBUTE_OAUTH_SCOPES = 'oauth_scopes';

    public const FALLBACK_SESSION_NAME = 'session-';

    private function __construct()
    {
    }
}