I have a Controller which generates a text/html BinaryFileResponse:
$response = new BinaryFileResponse($temp_file);
$response->headers->set('Content-Type', 'text/html');
$response->setContentDisposition(ResponseHeaderBag::DISPOSITION_ATTACHMENT, $filename);
$response->setPrivate();
return $response;
ActiveLinkResponseFilter->onResponse() runs on every response and does:
if (stripos($response->headers->get('Content-Type'), 'text/html') === FALSE) {
return;
}
if ($this->currentUser->isAuthenticated()) {
return;
}
$response->setContent(...
BinaryFileResponse->setContent() does:
public function setContent($content)
{
if (null !== $content) {
throw new \LogicException('The content cannot be set on a BinaryFileResponse instance.');
}
}
So if anyone ever sends a BinaryFileResponse with the content type set to text/html, AND while anonymous then they get a LogicException.
I think the fix here is just to check if $response is_a BinaryFileResponse in ActiveLinkResponseFilter->onResponse(). Might be worth reporting this upstream as a Symfony bug too since children of Response shouldn't be throwing on setContent() if that's a valid call on Response (but I'm guessing they can't change it for backwards compat reasons).
Patch to follow.