From 4744071dba0e198979b3ffab997aeb3b21f86d26 Mon Sep 17 00:00:00 2001 From: Stuart Rowlands Date: Tue, 31 Oct 2023 16:21:22 +1000 Subject: [PATCH] Only provide the quant-token header if drafts are not disabled. Disable drafts by default. --- config/install/quant.settings.yml | 1 + src/Seed.php | 12 ++++++++++-- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/config/install/quant.settings.yml b/config/install/quant.settings.yml index 69f6c0fd..3f6503af 100644 --- a/config/install/quant.settings.yml +++ b/config/install/quant.settings.yml @@ -5,4 +5,5 @@ quant_enabled_views: 1 quant_enabled_redirects: 1 quant_routes_export: ssl_cert_verify: 1 +disable_content_drafts: 1 xpath_selectors: "//li[contains(@class,\"pager__item--next\")]/a[contains(@href,\"page=\")]\r\n//li[contains(@class,\"pager__item--first\")]/a[starts-with(@href, \"/\")]" diff --git a/src/Seed.php b/src/Seed.php index ab602f8d..5eba00ff 100644 --- a/src/Seed.php +++ b/src/Seed.php @@ -435,7 +435,11 @@ public static function headRoute($route, array $headers = []) { $headers['Host'] = $hostname; // Generate a signed token and use it in the request. - $headers['quant-token'] = \Drupal::service('quant.token_manager')->create($route); + // This only applies when drafts are enabled, as we return neutral access otherwise. + $disable_drafts = $config->get('disable_content_drafts'); + if (!$disable_drafts) { + $headers['quant-token'] = \Drupal::service('quant.token_manager')->create($route); + } // Support basic auth if enabled (note: will not work via drush/cli). $auth = !empty($_SERVER['PHP_AUTH_USER']) ? [ @@ -491,7 +495,11 @@ public static function markupFromRoute($route, array $headers = []) { $headers['Host'] = $hostname; // Generate a signed token and use it in the request. - $headers['quant-token'] = \Drupal::service('quant.token_manager')->create($route); + // This only applies when drafts are enabled, as we return neutral access otherwise. + $disable_drafts = $config->get('disable_content_drafts'); + if (!$disable_drafts) { + $headers['quant-token'] = \Drupal::service('quant.token_manager')->create($route); + } // Support basic auth if enabled (note: will not work via drush/cli). $auth = !empty($_SERVER['PHP_AUTH_USER']) ? [