[ Index ]

PHP Cross Reference of phpBB-3.3.2-deutsch

title

Body

[close]

/vendor/symfony/http-kernel/HttpCache/ -> SubRequestHandler.php (source)

   1  <?php
   2  
   3  /*
   4   * This file is part of the Symfony package.
   5   *
   6   * (c) Fabien Potencier <fabien@symfony.com>
   7   *
   8   * For the full copyright and license information, please view the LICENSE
   9   * file that was distributed with this source code.
  10   */
  11  
  12  namespace Symfony\Component\HttpKernel\HttpCache;
  13  
  14  use Symfony\Component\HttpFoundation\IpUtils;
  15  use Symfony\Component\HttpFoundation\Request;
  16  use Symfony\Component\HttpFoundation\Response;
  17  use Symfony\Component\HttpKernel\HttpKernelInterface;
  18  
  19  /**
  20   * @author Nicolas Grekas <p@tchwork.com>
  21   *
  22   * @internal
  23   */
  24  class SubRequestHandler
  25  {
  26      /**
  27       * @return Response
  28       */
  29      public static function handle(HttpKernelInterface $kernel, Request $request, $type, $catch)
  30      {
  31          // save global state related to trusted headers and proxies
  32          $trustedProxies = Request::getTrustedProxies();
  33          $trustedHeaderSet = Request::getTrustedHeaderSet();
  34          if (method_exists(Request::class, 'getTrustedHeaderName')) {
  35              Request::setTrustedProxies($trustedProxies, -1);
  36              $trustedHeaders = [
  37                  Request::HEADER_FORWARDED => Request::getTrustedHeaderName(Request::HEADER_FORWARDED, false),
  38                  Request::HEADER_X_FORWARDED_FOR => Request::getTrustedHeaderName(Request::HEADER_X_FORWARDED_FOR, false),
  39                  Request::HEADER_X_FORWARDED_HOST => Request::getTrustedHeaderName(Request::HEADER_X_FORWARDED_HOST, false),
  40                  Request::HEADER_X_FORWARDED_PROTO => Request::getTrustedHeaderName(Request::HEADER_X_FORWARDED_PROTO, false),
  41                  Request::HEADER_X_FORWARDED_PORT => Request::getTrustedHeaderName(Request::HEADER_X_FORWARDED_PORT, false),
  42              ];
  43              Request::setTrustedProxies($trustedProxies, $trustedHeaderSet);
  44          } else {
  45              $trustedHeaders = [
  46                  Request::HEADER_FORWARDED => 'FORWARDED',
  47                  Request::HEADER_X_FORWARDED_FOR => 'X_FORWARDED_FOR',
  48                  Request::HEADER_X_FORWARDED_HOST => 'X_FORWARDED_HOST',
  49                  Request::HEADER_X_FORWARDED_PROTO => 'X_FORWARDED_PROTO',
  50                  Request::HEADER_X_FORWARDED_PORT => 'X_FORWARDED_PORT',
  51              ];
  52          }
  53  
  54          // remove untrusted values
  55          $remoteAddr = $request->server->get('REMOTE_ADDR');
  56          if (!IpUtils::checkIp($remoteAddr, $trustedProxies)) {
  57              foreach ($trustedHeaders as $key => $name) {
  58                  if ($trustedHeaderSet & $key) {
  59                      $request->headers->remove($name);
  60                      $request->server->remove('HTTP_'.strtoupper(str_replace('-', '_', $name)));
  61                  }
  62              }
  63          }
  64  
  65          // compute trusted values, taking any trusted proxies into account
  66          $trustedIps = [];
  67          $trustedValues = [];
  68          foreach (array_reverse($request->getClientIps()) as $ip) {
  69              $trustedIps[] = $ip;
  70              $trustedValues[] = sprintf('for="%s"', $ip);
  71          }
  72          if ($ip !== $remoteAddr) {
  73              $trustedIps[] = $remoteAddr;
  74              $trustedValues[] = sprintf('for="%s"', $remoteAddr);
  75          }
  76  
  77          // set trusted values, reusing as much as possible the global trusted settings
  78          if (Request::HEADER_FORWARDED & $trustedHeaderSet) {
  79              $trustedValues[0] .= sprintf(';host="%s";proto=%s', $request->getHttpHost(), $request->getScheme());
  80              $request->headers->set($name = $trustedHeaders[Request::HEADER_FORWARDED], $v = implode(', ', $trustedValues));
  81              $request->server->set('HTTP_'.strtoupper(str_replace('-', '_', $name)), $v);
  82          }
  83          if (Request::HEADER_X_FORWARDED_FOR & $trustedHeaderSet) {
  84              $request->headers->set($name = $trustedHeaders[Request::HEADER_X_FORWARDED_FOR], $v = implode(', ', $trustedIps));
  85              $request->server->set('HTTP_'.strtoupper(str_replace('-', '_', $name)), $v);
  86          } elseif (!(Request::HEADER_FORWARDED & $trustedHeaderSet)) {
  87              Request::setTrustedProxies($trustedProxies, $trustedHeaderSet | Request::HEADER_X_FORWARDED_FOR);
  88              $request->headers->set($name = $trustedHeaders[Request::HEADER_X_FORWARDED_FOR], $v = implode(', ', $trustedIps));
  89              $request->server->set('HTTP_'.strtoupper(str_replace('-', '_', $name)), $v);
  90          }
  91  
  92          // fix the client IP address by setting it to 127.0.0.1,
  93          // which is the core responsibility of this method
  94          $request->server->set('REMOTE_ADDR', '127.0.0.1');
  95  
  96          // ensure 127.0.0.1 is set as trusted proxy
  97          if (!IpUtils::checkIp('127.0.0.1', $trustedProxies)) {
  98              Request::setTrustedProxies(array_merge($trustedProxies, ['127.0.0.1']), Request::getTrustedHeaderSet());
  99          }
 100  
 101          try {
 102              return $kernel->handle($request, $type, $catch);
 103          } finally {
 104              // restore global state
 105              Request::setTrustedProxies($trustedProxies, $trustedHeaderSet);
 106          }
 107      }
 108  }


Generated: Wed Nov 11 20:28:18 2020 Cross-referenced by PHPXref 0.7.1