-
-
Notifications
You must be signed in to change notification settings - Fork 4.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
use HSTS when doing request with the HttpClient #34553
Conversation
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
||
$expires = $this->timeFactory->getTime() + $maxAge; | ||
|
||
$qb = $this->db->getQueryBuilder(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
could we maybe make hosts unique and if we get an unique exeption when trying to insert then we try updating. Save one DB query in some cases
Also we probably should try to catch data races
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
* @param array $options | ||
* @return null|ISchemaWrapper | ||
*/ | ||
public function changeSchema(IOutput $output, Closure $schemaClosure, array $options): ?ISchemaWrapper { |
Check failure
Code scanning / Psalm
MoreSpecificImplementedParamType
|
||
if ($data !== false | ||
&& $this->timeFactory->getTime() < $data['expires'] | ||
&& (!$includeSubdomain || ($includeSubdomain && $data['includeSubdomains'])) |
Check failure
Code scanning / Psalm
RedundantCondition
|
||
$request = $this->handleHSTSRewrite($request); | ||
|
||
$this->logger->warning("GONNA REQUEST"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
debug
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yeah plenty of those
|
||
return $handler($request, $options) | ||
->then(function (ResponseInterface $response) use ($request) { | ||
$this->logger->error("GOT RESPONSE"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
debug
Time to ensure that if a server we talk to supports HSTS we actually store this info and use it.
Help and commits to this branch are appreciated.
TODO
Future work: