Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
implements QSA on Symfony2 redirects
use JMS\DiExtraBundle\Annotation as DI;
use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
/** @DI\Service */
class QSAListener
private $blacklist;
/** @DI\InjectParams({"blacklist"=@DI\Inject("%qsa.blacklist%")}) */
public function __construct(array $blacklist = array())
$this->blacklist = $blacklist;
/** @DI\Observe("kernel.response") */
public function onKernelResponse(FilterResponseEvent $event)
$request = $event->getRequest();
$response = $event->getResponse();
if (!$response->isRedirection() || !$request->isMethodSafe() || !$request->query->all()) {
$query = array();
foreach (array_diff($request->query->keys(), $this->blacklist) as $key) {
$query[$key] = $request->query->get($key);
// attach the query string
$location = $response->headers->get('Location');
$location .= false === strpos($location, '?') ? '?' : '&';
$location .= http_build_query($query);
// modify the response content
htmlspecialchars($response->headers->get('Location'), ENT_QUOTES, 'UTF-8'),
htmlspecialchars($location, ENT_QUOTES, 'UTF-8'),
// modify the location header
$response->headers->set('Location', $location);
Copy link

cordoval commented Aug 8, 2012

I see it is like a secure blocker of IPs, wonder what QSA stands for?

Copy link

phuedx commented Aug 8, 2012

@cordoval in this instance QSA stands for Query String Append. It's an emulation of mod_rewrite's [QSA] flag, which appends any query string parameters in the substitution URL to the query string parameters of the original URL.

Copy link

kriswallsmith commented Aug 8, 2012

Thanks @phuedx!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment