Skip to content

Commit

Permalink
Merge branch '6.4' into 7.1
Browse files Browse the repository at this point in the history
* 6.4:
  [HttpClient] Resolve hostnames in NoPrivateNetworkHttpClient
  [security-http] Check owner of persisted remember-me cookie
  • Loading branch information
nicolas-grekas committed Nov 13, 2024
2 parents 90ab2a4 + cb4073c commit c30d91a
Show file tree
Hide file tree
Showing 10 changed files with 78 additions and 15 deletions.
2 changes: 2 additions & 0 deletions HttpOptions.php
Original file line number Diff line number Diff line change
Expand Up @@ -166,6 +166,8 @@ public function buffer(bool $buffer): static
}

/**
* @param callable(int, int, array, \Closure|null=):void $callback
*
* @return $this
*/
public function setOnProgress(callable $callback): static
Expand Down
12 changes: 10 additions & 2 deletions NativeHttpClient.php
Original file line number Diff line number Diff line change
Expand Up @@ -137,7 +137,15 @@ public function request(string $method, string $url, array $options = []): Respo

if ($onProgress = $options['on_progress']) {
$maxDuration = 0 < $options['max_duration'] ? $options['max_duration'] : \INF;
$onProgress = static function (...$progress) use ($onProgress, &$info, $maxDuration) {
$multi = $this->multi;
$resolve = static function (string $host, ?string $ip = null) use ($multi): ?string {
if (null !== $ip) {
$multi->dnsCache[$host] = $ip;
}

return $multi->dnsCache[$host] ?? null;
};
$onProgress = static function (...$progress) use ($onProgress, &$info, $maxDuration, $resolve) {
if ($info['total_time'] >= $maxDuration) {
throw new TransportException(sprintf('Max duration was reached for "%s".', implode('', $info['url'])));
}
Expand All @@ -156,7 +164,7 @@ public function request(string $method, string $url, array $options = []): Respo
$lastProgress = $progress ?: $lastProgress;
}

$onProgress($lastProgress[0], $lastProgress[1], $progressInfo);
$onProgress($lastProgress[0], $lastProgress[1], $progressInfo, $resolve);
};
} elseif (0 < $options['max_duration']) {
$maxDuration = $options['max_duration'];
Expand Down
17 changes: 15 additions & 2 deletions NoPrivateNetworkHttpClient.php
Original file line number Diff line number Diff line change
Expand Up @@ -56,14 +56,27 @@ public function request(string $method, string $url, array $options = []): Respo

$subnets = $this->subnets;

$options['on_progress'] = static function (int $dlNow, int $dlSize, array $info) use ($onProgress, $subnets): void {
$options['on_progress'] = static function (int $dlNow, int $dlSize, array $info, ?\Closure $resolve = null) use ($onProgress, $subnets): void {
static $lastUrl = '';
static $lastPrimaryIp = '';

if ($info['url'] !== $lastUrl) {
$host = trim(parse_url($info['url'], PHP_URL_HOST) ?: '', '[]');
$resolve ??= static fn () => null;

if (($ip = $host)
&& !filter_var($ip, \FILTER_VALIDATE_IP, \FILTER_FLAG_IPV6)
&& !filter_var($ip, \FILTER_VALIDATE_IP, \FILTER_FLAG_IPV4)
&& !$ip = $resolve($host)
) {
if ($ip = @(dns_get_record($host, \DNS_A)[0]['ip'] ?? null)) {
$resolve($host, $ip);
} elseif ($ip = @(dns_get_record($host, \DNS_AAAA)[0]['ipv6'] ?? null)) {
$resolve($host, '['.$ip.']');
}
}

if ($host && IpUtils::checkIp($host, $subnets ?? IpUtils::PRIVATE_SUBNETS)) {
if ($ip && IpUtils::checkIp($ip, $subnets ?? IpUtils::PRIVATE_SUBNETS)) {
throw new TransportException(sprintf('Host "%s" is blocked for "%s".', $host, $info['url']));
}

Expand Down
11 changes: 9 additions & 2 deletions Response/AmpResponse.php
Original file line number Diff line number Diff line change
Expand Up @@ -90,10 +90,17 @@ public function __construct(
$info['max_duration'] = $options['max_duration'];
$info['debug'] = '';

$resolve = static function (string $host, ?string $ip = null) use ($multi): ?string {
if (null !== $ip) {
$multi->dnsCache[$host] = $ip;
}

return $multi->dnsCache[$host] ?? null;
};
$onProgress = $options['on_progress'] ?? static function () {};
$onProgress = $this->onProgress = static function () use (&$info, $onProgress) {
$onProgress = $this->onProgress = static function () use (&$info, $onProgress, $resolve) {
$info['total_time'] = microtime(true) - $info['start_time'];
$onProgress((int) $info['size_download'], ((int) (1 + $info['download_content_length']) ?: 1) - 1, (array) $info);
$onProgress((int) $info['size_download'], ((int) (1 + $info['download_content_length']) ?: 1) - 1, (array) $info, $resolve);
};

$pauseDeferred = new Deferred();
Expand Down
4 changes: 2 additions & 2 deletions Response/AsyncContext.php
Original file line number Diff line number Diff line change
Expand Up @@ -161,8 +161,8 @@ public function replaceRequest(string $method, string $url, array $options = [])
$this->info['previous_info'][] = $info = $this->response->getInfo();
if (null !== $onProgress = $options['on_progress'] ?? null) {
$thisInfo = &$this->info;
$options['on_progress'] = static function (int $dlNow, int $dlSize, array $info) use (&$thisInfo, $onProgress) {
$onProgress($dlNow, $dlSize, $thisInfo + $info);
$options['on_progress'] = static function (int $dlNow, int $dlSize, array $info, ?\Closure $resolve = null) use (&$thisInfo, $onProgress) {
$onProgress($dlNow, $dlSize, $thisInfo + $info, $resolve);
};
}
if (0 < ($info['max_duration'] ?? 0) && 0 < ($info['total_time'] ?? 0)) {
Expand Down
4 changes: 2 additions & 2 deletions Response/AsyncResponse.php
Original file line number Diff line number Diff line change
Expand Up @@ -52,8 +52,8 @@ public function __construct(HttpClientInterface $client, string $method, string

if (null !== $onProgress = $options['on_progress'] ?? null) {
$thisInfo = &$this->info;
$options['on_progress'] = static function (int $dlNow, int $dlSize, array $info) use (&$thisInfo, $onProgress) {
$onProgress($dlNow, $dlSize, $thisInfo + $info);
$options['on_progress'] = static function (int $dlNow, int $dlSize, array $info, ?\Closure $resolve = null) use (&$thisInfo, $onProgress) {
$onProgress($dlNow, $dlSize, $thisInfo + $info, $resolve);
};
}
$this->response = $client->request($method, $url, ['buffer' => false] + $options);
Expand Down
11 changes: 9 additions & 2 deletions Response/CurlResponse.php
Original file line number Diff line number Diff line change
Expand Up @@ -122,13 +122,20 @@ public function __construct(
curl_pause($ch, \CURLPAUSE_CONT);

if ($onProgress = $options['on_progress']) {
$resolve = static function (string $host, ?string $ip = null) use ($multi): ?string {
if (null !== $ip) {
$multi->dnsCache->hostnames[$host] = $ip;
}

return $multi->dnsCache->hostnames[$host] ?? null;
};
$url = isset($info['url']) ? ['url' => $info['url']] : [];
curl_setopt($ch, \CURLOPT_NOPROGRESS, false);
curl_setopt($ch, \CURLOPT_PROGRESSFUNCTION, static function ($ch, $dlSize, $dlNow) use ($onProgress, &$info, $url, $multi, $debugBuffer) {
curl_setopt($ch, \CURLOPT_PROGRESSFUNCTION, static function ($ch, $dlSize, $dlNow) use ($onProgress, &$info, $url, $multi, $debugBuffer, $resolve) {
try {
rewind($debugBuffer);
$debug = ['debug' => stream_get_contents($debugBuffer)];
$onProgress($dlNow, $dlSize, $url + curl_getinfo($ch) + $info + $debug);
$onProgress($dlNow, $dlSize, $url + curl_getinfo($ch) + $info + $debug, $resolve);
} catch (\Throwable $e) {
$multi->handlesActivity[(int) $ch][] = null;
$multi->handlesActivity[(int) $ch][] = $e;
Expand Down
23 changes: 23 additions & 0 deletions Tests/HttpClientTestCase.php
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
use Symfony\Component\HttpClient\Exception\InvalidArgumentException;
use Symfony\Component\HttpClient\Exception\TransportException;
use Symfony\Component\HttpClient\Internal\ClientState;
use Symfony\Component\HttpClient\NoPrivateNetworkHttpClient;
use Symfony\Component\HttpClient\Response\StreamWrapper;
use Symfony\Component\Process\Exception\ProcessFailedException;
use Symfony\Component\Process\Process;
Expand Down Expand Up @@ -467,6 +468,28 @@ public function testMisspelledScheme()
$httpClient->request('GET', 'http:/localhost:8057/');
}

public function testNoPrivateNetwork()
{
$client = $this->getHttpClient(__FUNCTION__);
$client = new NoPrivateNetworkHttpClient($client);

$this->expectException(TransportException::class);
$this->expectExceptionMessage('Host "localhost" is blocked');

$client->request('GET', 'http://localhost:8888');
}

public function testNoPrivateNetworkWithResolve()
{
$client = $this->getHttpClient(__FUNCTION__);
$client = new NoPrivateNetworkHttpClient($client);

$this->expectException(TransportException::class);
$this->expectExceptionMessage('Host "symfony.com" is blocked');

$client->request('GET', 'http://symfony.com', ['resolve' => ['symfony.com' => '127.0.0.1']]);
}

/**
* @dataProvider getRedirectWithAuthTests
*/
Expand Down
5 changes: 4 additions & 1 deletion Tests/MockHttpClientTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -331,14 +331,17 @@ protected function getHttpClient(string $testCase): HttpClientInterface

switch ($testCase) {
default:
return new MockHttpClient(function (string $method, string $url, array $options) use ($client) {
return new MockHttpClient(function (string $method, string $url, array $options) use ($client, $testCase) {
try {
// force the request to be completed so that we don't test side effects of the transport
$response = $client->request($method, $url, ['buffer' => false] + $options);
$content = $response->getContent(false);

return new MockResponse($content, $response->getInfo());
} catch (\Throwable $e) {
if (str_starts_with($testCase, 'testNoPrivateNetwork')) {
throw $e;
}
$this->fail($e->getMessage());
}
});
Expand Down
4 changes: 2 additions & 2 deletions TraceableHttpClient.php
Original file line number Diff line number Diff line change
Expand Up @@ -55,11 +55,11 @@ public function request(string $method, string $url, array $options = []): Respo
$content = false;
}

$options['on_progress'] = function (int $dlNow, int $dlSize, array $info) use (&$traceInfo, $onProgress) {
$options['on_progress'] = function (int $dlNow, int $dlSize, array $info, ?\Closure $resolve = null) use (&$traceInfo, $onProgress) {
$traceInfo = $info;

if (null !== $onProgress) {
$onProgress($dlNow, $dlSize, $info);
$onProgress($dlNow, $dlSize, $info, $resolve);
}
};

Expand Down

0 comments on commit c30d91a

Please sign in to comment.