| [ Index ] |
PHP Cross Reference of phpBB-3.3.14-deutsch |
[Summary view] [Print] [Text view]
1 <?php 2 3 /* 4 * This file is part of the Symfony package. 5 * 6 * (c) Fabien Potencier <fabien@symfony.com> 7 * 8 * For the full copyright and license information, please view the LICENSE 9 * file that was distributed with this source code. 10 */ 11 12 namespace Symfony\Component\HttpKernel\HttpCache; 13 14 use Symfony\Component\HttpFoundation\IpUtils; 15 use Symfony\Component\HttpFoundation\Request; 16 use Symfony\Component\HttpFoundation\Response; 17 use Symfony\Component\HttpKernel\HttpKernelInterface; 18 19 /** 20 * @author Nicolas Grekas <p@tchwork.com> 21 * 22 * @internal 23 */ 24 class SubRequestHandler 25 { 26 /** 27 * @return Response 28 */ 29 public static function handle(HttpKernelInterface $kernel, Request $request, $type, $catch) 30 { 31 // save global state related to trusted headers and proxies 32 $trustedProxies = Request::getTrustedProxies(); 33 $trustedHeaderSet = Request::getTrustedHeaderSet(); 34 if (method_exists(Request::class, 'getTrustedHeaderName')) { 35 Request::setTrustedProxies($trustedProxies, -1); 36 $trustedHeaders = [ 37 Request::HEADER_FORWARDED => Request::getTrustedHeaderName(Request::HEADER_FORWARDED, false), 38 Request::HEADER_X_FORWARDED_FOR => Request::getTrustedHeaderName(Request::HEADER_X_FORWARDED_FOR, false), 39 Request::HEADER_X_FORWARDED_HOST => Request::getTrustedHeaderName(Request::HEADER_X_FORWARDED_HOST, false), 40 Request::HEADER_X_FORWARDED_PROTO => Request::getTrustedHeaderName(Request::HEADER_X_FORWARDED_PROTO, false), 41 Request::HEADER_X_FORWARDED_PORT => Request::getTrustedHeaderName(Request::HEADER_X_FORWARDED_PORT, false), 42 ]; 43 Request::setTrustedProxies($trustedProxies, $trustedHeaderSet); 44 } else { 45 $trustedHeaders = [ 46 Request::HEADER_FORWARDED => 'FORWARDED', 47 Request::HEADER_X_FORWARDED_FOR => 'X_FORWARDED_FOR', 48 Request::HEADER_X_FORWARDED_HOST => 'X_FORWARDED_HOST', 49 Request::HEADER_X_FORWARDED_PROTO => 'X_FORWARDED_PROTO', 50 Request::HEADER_X_FORWARDED_PORT => 'X_FORWARDED_PORT', 51 ]; 52 } 53 54 // remove untrusted values 55 $remoteAddr = $request->server->get('REMOTE_ADDR'); 56 if (!IpUtils::checkIp($remoteAddr, $trustedProxies)) { 57 foreach ($trustedHeaders as $key => $name) { 58 if ($trustedHeaderSet & $key) { 59 $request->headers->remove($name); 60 $request->server->remove('HTTP_'.strtoupper(str_replace('-', '_', $name))); 61 } 62 } 63 } 64 65 // compute trusted values, taking any trusted proxies into account 66 $trustedIps = []; 67 $trustedValues = []; 68 foreach (array_reverse($request->getClientIps()) as $ip) { 69 $trustedIps[] = $ip; 70 $trustedValues[] = sprintf('for="%s"', $ip); 71 } 72 if ($ip !== $remoteAddr) { 73 $trustedIps[] = $remoteAddr; 74 $trustedValues[] = sprintf('for="%s"', $remoteAddr); 75 } 76 77 // set trusted values, reusing as much as possible the global trusted settings 78 if (Request::HEADER_FORWARDED & $trustedHeaderSet) { 79 $trustedValues[0] .= sprintf(';host="%s";proto=%s', $request->getHttpHost(), $request->getScheme()); 80 $request->headers->set($name = $trustedHeaders[Request::HEADER_FORWARDED], $v = implode(', ', $trustedValues)); 81 $request->server->set('HTTP_'.strtoupper(str_replace('-', '_', $name)), $v); 82 } 83 if (Request::HEADER_X_FORWARDED_FOR & $trustedHeaderSet) { 84 $request->headers->set($name = $trustedHeaders[Request::HEADER_X_FORWARDED_FOR], $v = implode(', ', $trustedIps)); 85 $request->server->set('HTTP_'.strtoupper(str_replace('-', '_', $name)), $v); 86 } elseif (!(Request::HEADER_FORWARDED & $trustedHeaderSet)) { 87 Request::setTrustedProxies($trustedProxies, $trustedHeaderSet | Request::HEADER_X_FORWARDED_FOR); 88 $request->headers->set($name = $trustedHeaders[Request::HEADER_X_FORWARDED_FOR], $v = implode(', ', $trustedIps)); 89 $request->server->set('HTTP_'.strtoupper(str_replace('-', '_', $name)), $v); 90 } 91 92 // fix the client IP address by setting it to 127.0.0.1, 93 // which is the core responsibility of this method 94 $request->server->set('REMOTE_ADDR', '127.0.0.1'); 95 96 // ensure 127.0.0.1 is set as trusted proxy 97 if (!IpUtils::checkIp('127.0.0.1', $trustedProxies)) { 98 Request::setTrustedProxies(array_merge($trustedProxies, ['127.0.0.1']), Request::getTrustedHeaderSet()); 99 } 100 101 try { 102 return $kernel->handle($request, $type, $catch); 103 } finally { 104 // restore global state 105 Request::setTrustedProxies($trustedProxies, $trustedHeaderSet); 106 } 107 } 108 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Mon Nov 25 19:05:08 2024 | Cross-referenced by PHPXref 0.7.1 |