ModifyFileDumpEvent

The PSR-14 event \TYPO3\CMS\Core\Resource\Event\ModifyFileDumpEvent is fired in the \TYPO3\CMS\Core\Controller\FileDumpController and allows extensions to perform additional access / security checks before dumping a file. The event does not only contain the file to dump but also the PSR-7 Request.

In case the file dump should be rejected, the event has to set a PSR-7 response, usually with a 403 status code. This will then immediately stop the propagation.

With the event, it is not only possible to reject the file dump request, but also to replace the file, which should be dumped.

Example

EXT:my_extension/Classes/Resource/EventListener/MyEventListener.php

<?php

declare(strict_types=1);

namespace MyVendor\MyExtension\Resource\EventListener;

use TYPO3\CMS\Core\Attribute\AsEventListener;
use TYPO3\CMS\Core\Resource\Event\ModifyFileDumpEvent;

#[AsEventListener(
    identifier: 'my-extension/modify-file-dump',
)]
final readonly class MyEventListener
{
    public function __invoke(ModifyFileDumpEvent $event): void
    {
        // Do magic here
    }
}

API

class ModifyFileDumpEvent

Fully qualified name: \TYPO3\CMS\Core\Resource\Event\ModifyFileDumpEvent

Event that is triggered when a file should be dumped to the browser, allowing to perform custom security/access checks when accessing a file through a direct link, and returning an alternative Response.

It is also possible to replace the file during this event, but not setting a response.

As soon as a custom Response is added, the propagation is stopped.

getFile ( )

Returns: TYPO3CMSCoreResourceResourceInterface

setFile ( \TYPO3\CMS\Core\Resource\ResourceInterface $file)

param $file: the file

getRequest ( )

Returns: PsrHttpMessageServerRequestInterface

setResponse ( \Psr\Http\Message\ResponseInterface $response)

param $response: the response

getResponse ( )

Returns: ?PsrHttpMessageResponseInterface

isPropagationStopped ( )

Returns: bool