symfony
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
Lines changed: 14 additions & 0 deletions b/‎src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
Lines changed: 14 additions & 0 deletions
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
Lines changed: 4 additions & 0 deletions b/‎src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
Lines changed: 4 additions & 0 deletions
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/Resources/config/web.xml
Lines changed: 3 additions & 0 deletions b/‎src/Symfony/Bundle/FrameworkBundle/Resources/config/web.xml
Lines changed: 3 additions & 0 deletions
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/ConfigurationTest.php
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/ConfigurationTest.php
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php
Lines changed: 21 additions & 0 deletions b/‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php
Lines changed: 21 additions & 0 deletions
diff --git a/‎src/Symfony/Component/HttpKernel/CHANGELOG.md
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Component/HttpKernel/CHANGELOG.md
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Component/HttpKernel/EventListener/DisallowRobotsIndexingListener.php
Lines changed: 43 additions & 0 deletions b/‎src/Symfony/Component/HttpKernel/EventListener/DisallowRobotsIndexingListener.php
Lines changed: 43 additions & 0 deletions
diff --git a/‎src/Symfony/Component/HttpKernel/Tests/EventListener/DisallowRobotsIndexingListenerTest.php
Lines changed: 47 additions & 0 deletions b/‎src/Symfony/Component/HttpKernel/Tests/EventListener/DisallowRobotsIndexingListenerTest.php
Lines changed: 47 additions & 0 deletions
@@ -108,6 +108,7 @@ public function getConfigTreeBuilder()
         $this->addWebLinkSection($rootNode);
         $this->addLockSection($rootNode);
+        $this->addRobotsIndexSection($rootNode);
 
         return $treeBuilder;
     }
@@ -1156,4 +1157,17 @@ function ($a) {
             ->end()
         ;
     }
+
+    private function addRobotsIndexSection(ArrayNodeDefinition $rootNode)
+    {
+        $rootNode
+            ->children()
+                ->booleanNode('disallow_search_engine_index')
+                    ->info('Enabled by default when debug is enabled.')
+                    ->defaultValue($this->debug)
+                    ->treatNullLike($this->debug)
+                ->end()
+            ->end()
+        ;
+    }
 }
@@ -394,6 +394,10 @@ public function load(array $configs, ContainerBuilder $container)
             // remove tagged iterator argument for resource checkers
             $container->getDefinition('config_cache_factory')->setArguments([]);
         }
+
+        if (!$config['disallow_search_engine_index'] ?? false) {
+            $container->removeDefinition('disallow_search_engine_index_response_listener');
+        }
     }
 
     /**
 
@@ -85,5 +85,8 @@
             <argument type="service" id="controller_name_converter" />
             <tag name="kernel.event_subscriber" />
         </service>
+        <service id="disallow_search_engine_index_response_listener" class="Symfony\Component\HttpKernel\EventListener\DisallowRobotsIndexingListener">
+            <tag name="kernel.event_subscriber" />
+        </service>
     </services>
 </container>
@@ -330,6 +330,7 @@ class_exists(SemaphoreStore::class) && SemaphoreStore::isSupported() ? 'semaphor
                 'default_bus' => null,
                 'buses' => ['messenger.bus.default' => ['default_middleware' => true, 'middleware' => []]],
             ],
+            'disallow_search_engine_index' => true,
         ];
     }
 }
@@ -1327,6 +1327,27 @@ public function testSessionCookieSecureAuto()
         $this->assertEquals($expected, array_keys($container->getDefinition('session_listener')->getArgument(0)->getValues()));
     }
 
+    public function testRobotsTagListenerIsRegisteredInDebugMode()
+    {
+        $container = $this->createContainer(['kernel.debug' => true]);
+        (new FrameworkExtension())->load([], $container);
+        $this->assertTrue($container->has('disallow_search_engine_index_response_listener'), 'DisallowRobotsIndexingListener should be registered');
+
+        $definition = $container->getDefinition('disallow_search_engine_index_response_listener');
+        $this->assertTrue($definition->hasTag('kernel.event_subscriber'), 'DisallowRobotsIndexingListener should have the correct tag');
+
+        $container = $this->createContainer(['kernel.debug' => true]);
+        (new FrameworkExtension())->load([['disallow_search_engine_index' => false]], $container);
+        $this->assertFalse(
+            $container->has('disallow_search_engine_index_response_listener'),
+            'DisallowRobotsIndexingListener should not be registered when explicitly disabled'
+        );
+
+        $container = $this->createContainer(['kernel.debug' => false]);
+        (new FrameworkExtension())->load([], $container);
+        $this->assertFalse($container->has('disallow_search_engine_index_response_listener'), 'DisallowRobotsIndexingListener should NOT be registered');
+    }
+
     protected function createContainer(array $data = [])
     {
         return new ContainerBuilder(new ParameterBag(array_merge([
 
@@ -12,6 +12,7 @@ CHANGELOG
  * the base `DataCollector` doesn't implement `Serializable` anymore, you should
    store all the serialized state in the data property instead
  * `DumpDataCollector` has been marked as `final`
+ * added an event listener to prevent search engines from indexing applications in debug mode.
 
 4.2.0
 -----
 
@@ -0,0 +1,43 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\HttpKernel\EventListener;
+
+use Symfony\Component\EventDispatcher\EventSubscriberInterface;
+use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
+use Symfony\Component\HttpKernel\KernelEvents;
+
+/**
+ * Ensures that the application is not indexed by search engines.
+ *
+ * @author Gary PEGEOT <garypegeot@gmail.com>
+ */
+class DisallowRobotsIndexingListener implements EventSubscriberInterface
+{
+    private const HEADER_NAME = 'X-Robots-Tag';
+
+    public function onResponse(FilterResponseEvent $event): void
+    {
+        if (!$event->getResponse()->headers->has(static::HEADER_NAME)) {
+            $event->getResponse()->headers->set(static::HEADER_NAME, 'noindex');
+        }
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public static function getSubscribedEvents()
+    {
+        return [
+            KernelEvents::RESPONSE => ['onResponse', -255],
+        ];
+    }
+}
@@ -0,0 +1,47 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\HttpKernel\Tests\EventListener;
+
+use PHPUnit\Framework\TestCase;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
+use Symfony\Component\HttpKernel\EventListener\DisallowRobotsIndexingListener;
+use Symfony\Component\HttpKernel\HttpKernelInterface;
+use Symfony\Component\HttpKernel\KernelInterface;
+
+class DisallowRobotsIndexingListenerTest extends TestCase
+{
+    /**
+     * @dataProvider provideResponses
+     */
+    public function testInvoke(?string $expected, Response $response): void
+    {
+        $listener = new DisallowRobotsIndexingListener();
+
+        $event = new FilterResponseEvent($this->createMock(HttpKernelInterface::class), $this->createMock(Request::class), KernelInterface::MASTER_REQUEST, $response);
+
+        $listener->onResponse($event);
+
+        $this->assertSame($expected, $response->headers->get('X-Robots-Tag'), 'Header doesn\'t match expectations');
+    }
+
+    public function provideResponses(): iterable
+    {
+        yield 'No header' => ['noindex', new Response()];
+
+        yield 'Header already set' => [
+            'something else',
+            new Response('', 204, ['X-Robots-Tag' => 'something else']),
+        ];
+    }
+}
Original file line number	Diff line number	Diff line change
`@@ -108,6 +108,7 @@ public function getConfigTreeBuilder()`
`108`	`108`	`$this->addWebLinkSection($rootNode);`
`109`	`109`	`$this->addLockSection($rootNode);`
`110`	`110`	`$this->addMessengerSection($rootNode);`
	`111`	`+ $this->addRobotsIndexSection($rootNode);`
`111`	`112`
`112`	`113`	`return $treeBuilder;`
`113`	`114`	`}`
`@@ -1156,4 +1157,17 @@ function ($a) {`
`1156`	`1157`	`->end()`
`1157`	`1158`	`;`
`1158`	`1159`	`}`
	`1160`	`+`
	`1161`	`+ private function addRobotsIndexSection(ArrayNodeDefinition $rootNode)`
	`1162`	`+ {`
	`1163`	`+ $rootNode`
	`1164`	`+ ->children()`
	`1165`	`+ ->booleanNode('disallow_search_engine_index')`
	`1166`	`+ ->info('Enabled by default when debug is enabled.')`
	`1167`	`+ ->defaultValue($this->debug)`
	`1168`	`+ ->treatNullLike($this->debug)`
	`1169`	`+ ->end()`
	`1170`	`+ ->end()`
	`1171`	`+ ;`
	`1172`	`+ }`
`1159`	`1173`	`}`
Original file line number	Diff line number	Diff line change
`@@ -394,6 +394,10 @@ public function load(array $configs, ContainerBuilder $container)`
`394`	`394`	`// remove tagged iterator argument for resource checkers`
`395`	`395`	`$container->getDefinition('config_cache_factory')->setArguments([]);`
`396`	`396`	`}`
	`397`	`+`
	`398`	`+ if (!$config['disallow_search_engine_index'] ?? false) {`
	`399`	`+ $container->removeDefinition('disallow_search_engine_index_response_listener');`
	`400`	`+ }`
`397`	`401`	`}`
`398`	`402`
`399`	`403`	`/**`
Original file line number	Diff line number	Diff line change
`@@ -330,6 +330,7 @@ class_exists(SemaphoreStore::class) && SemaphoreStore::isSupported() ? 'semaphor`
`330`	`330`	`'default_bus' => null,`
`331`	`331`	`'buses' => ['messenger.bus.default' => ['default_middleware' => true, 'middleware' => []]],`
`332`	`332`	`],`
	`333`	`+ 'disallow_search_engine_index' => true,`
`333`	`334`	`];`
`334`	`335`	`}`
`335`	`336`	`}`