function AjaxBasePageNegotiator::determineActiveTheme

Same name in other branches

9 core/lib/Drupal/Core/Theme/AjaxBasePageNegotiator.php \Drupal\Core\Theme\AjaxBasePageNegotiator::determineActiveTheme()
8.9.x core/lib/Drupal/Core/Theme/AjaxBasePageNegotiator.php \Drupal\Core\Theme\AjaxBasePageNegotiator::determineActiveTheme()
11.x core/lib/Drupal/Core/Theme/AjaxBasePageNegotiator.php \Drupal\Core\Theme\AjaxBasePageNegotiator::determineActiveTheme()

File

core/lib/Drupal/Core/Theme/AjaxBasePageNegotiator.php, line 75

Class

AjaxBasePageNegotiator: Defines a theme negotiator that deals with the active theme on ajax requests.

Namespace

Drupal\Core\Theme

Code

public function determineActiveTheme(RouteMatchInterface $route_match) {
    $ajax_page_state = $this->requestStack
        ->getCurrentRequest()
        ->get('ajax_page_state');
    $theme = $ajax_page_state['theme'];
    $token = $ajax_page_state['theme_token'];
    // Prevent a request forgery from giving a person access to a theme they
    // shouldn't be otherwise allowed to see. However, since everyone is
    // allowed to see the default theme, token validation isn't required for
    // that, and bypassing it allows most use-cases to work even when accessed
    // from the page cache.
    if ($theme === $this->configFactory
        ->get('system.theme')
        ->get('default') || $this->csrfGenerator
        ->validate($token, $theme)) {
        return $theme;
    }
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.

function AjaxBasePageNegotiator::determineActiveTheme

File

Class

Namespace

Code

Search drupal 10

API Navigation

Breadcrumb

function AjaxBasePageNegotiator::determineActiveTheme

File

Class

Namespace

Code

Search drupal 10

API Navigation