This removes most phalcon code currently being used on our end, except the Volt templates (which are re-wrapped) and a translation class we can easily replace later in a separate commit.
Consumers of our controller classes shouldn't notice a difference as the used objects and methods are named the same.
The most notable changes are the following ones:
* Exceptions about not being able to find a requested path now break down into different exceptions inheriting from DispatchException, which makes it easier from the entrypoint (api.php, index.php) to catch and handle accordingly.
* When not in development mode, raw exceptions are not being returned anymore, which increases security
* The Dispatcher class is reponsible for object construction and mapping validation (valid uri, but no object found)
* The Router class replaces previous Application class, it disects offered uri's into namespaces, classnames and methods to call.
In the long run there should be a seperate controller for controllers using volt templates or api calls, but as the existing ones don't distinct between this and the output handling is different now, we can park this for a later moment in time (the performance penalty should be rather low).
Some unused functionality has been removed, for example support for the X-HTTP-Method-Override header in Request->getMethod() (see 44243c0765/phalcon/Http/Request.zep (L599-L609)).
To some degree I think always trimming the data isn't the issue, but not being able to paste at cursor position is impractical. this commit re-wires the paste action after trimming the clipboard data (in stead of overwriting the target field).
The original intend was to be able to reuse the Csrf class, but as this requires direct access to the session object, it's likely not a good idea for the goals of https://github.com/opnsense/core/issues/6389
Since the legacy pages need a lock on session anyway, keeping it doesn't make a difference.
This might not work for all values as we would maybe like the have the
FreeBSD default itself to work its magic. For security relevant things
bootstrapping the value is useful, but for buffer sizes it might not be.
* remove unused FactoryDefault() in tests
* refactor FactoryDefault() config access to new AppConfig class
* remove unused code in afterExecuteRoute() `$this->response->getHeaders()->get("Status")` will never be null
while this certainly doesn't account for all use cases, the streaming action is isolated enough to build from. For the use case of the new filter live log widget, starting from scratch on each action should be enough for now.
The + 1 was completely arbitrary to begin with (derived from
FreeBSD scripting), but if part of the system needs longer to
cope with tentative state then this would be an easy way to
make it more reliable.
If + 3 makes sense for the next person is something I want to
doubt, however.
Special thanks go to @Wireheadbe for pursuing and testing this.
If zlib compression was never enabled to begin with, the ob_end_clean()
will close the current Phalcon output buffer, which means the
ob_end_flush() will cause a fatal error. To prevent this we can check
if there is an output buffer still active.
