Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 0a90d41

Browse filesBrowse files
alexandre-dauboisalexandre-daubois
committed
[Cache][DependencyInjection][Lock][Mailer][Messenger][Notifier][Translation] Url decode username and passwords from parse_url() results
1 parent f7932b3 commit 0a90d41
Copy full SHA for 0a90d41

File tree

10 files changed

+70
-64
lines changed
Filter options

10 files changed

+70
-64
lines changed

‎src/Symfony/Component/Cache/Adapter/MemcachedAdapter.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Cache/Adapter/MemcachedAdapter.php
+3Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -111,6 +111,9 @@ public static function createConnection(#[\SensitiveParameter] array|string $ser
111111
$params = preg_replace_callback('#^memcached:(//)?(?:([^@]*+)@)?#', function ($m) use (&$username, &$password) {
112112
if (!empty($m[2])) {
113113
[$username, $password] = explode(':', $m[2], 2) + [1 => null];
114+
115+
$username = rawurldecode($username);
116+
$password = rawurldecode($password);
114117
}
115118

116119
return 'file:'.($m[1] ?? '');

‎src/Symfony/Component/DependencyInjection/EnvVarProcessor.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/DependencyInjection/EnvVarProcessor.php
+3Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -304,6 +304,9 @@ public function getEnv(string $prefix, string $name, \Closure $getEnv): mixed
304304
'fragment' => null,
305305
];
306306

307+
$parsedEnv['user'] = null !== $parsedEnv['user'] ? rawurldecode($parsedEnv['user']) : null;
308+
$parsedEnv['pass'] = null !== $parsedEnv['pass'] ? rawurldecode($parsedEnv['pass']) : null;
309+
307310
// remove the '/' separator
308311
$parsedEnv['path'] = '/' === ($parsedEnv['path'] ?? '/') ? '' : substr($parsedEnv['path'], 1);
309312

‎src/Symfony/Component/Lock/Store/MongoDbStore.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Lock/Store/MongoDbStore.php
+2-2Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -150,10 +150,10 @@ private function skimUri(string $uri): string
150150
throw new InvalidArgumentException(sprintf('The given MongoDB Connection URI "%s" is invalid. Expecting "mongodb://" or "mongodb+srv://".', $uri));
151151
}
152152

153-
if (false === $parsedUrl = parse_url($uri)) {
153+
if (false === $params = parse_url($uri)) {
154154
throw new InvalidArgumentException(sprintf('The given MongoDB Connection URI "%s" is invalid.', $uri));
155155
}
156-
$pathDb = ltrim($parsedUrl['path'] ?? '', '/') ?: null;
156+
$pathDb = ltrim($params['path'] ?? '', '/') ?: null;
157157
if (null !== $pathDb) {
158158
$this->options['database'] = $pathDb;
159159
}

‎src/Symfony/Component/Mailer/Transport/Dsn.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Mailer/Transport/Dsn.php
+8-8Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -37,24 +37,24 @@ public function __construct(string $scheme, string $host, string $user = null, #
3737

3838
public static function fromString(#[\SensitiveParameter] string $dsn): self
3939
{
40-
if (false === $parsedDsn = parse_url($dsn)) {
40+
if (false === $params = parse_url($dsn)) {
4141
throw new InvalidArgumentException('The mailer DSN is invalid.');
4242
}
4343

44-
if (!isset($parsedDsn['scheme'])) {
44+
if (!isset($params['scheme'])) {
4545
throw new InvalidArgumentException('The mailer DSN must contain a scheme.');
4646
}
4747

48-
if (!isset($parsedDsn['host'])) {
48+
if (!isset($params['host'])) {
4949
throw new InvalidArgumentException('The mailer DSN must contain a host (use "default" by default).');
5050
}
5151

52-
$user = '' !== ($parsedDsn['user'] ?? '') ? urldecode($parsedDsn['user']) : null;
53-
$password = '' !== ($parsedDsn['pass'] ?? '') ? urldecode($parsedDsn['pass']) : null;
54-
$port = $parsedDsn['port'] ?? null;
55-
parse_str($parsedDsn['query'] ?? '', $query);
52+
$user = isset($params['user']) ? rawurldecode($params['user']) : null;
53+
$password = isset($params['pass']) ? rawurldecode($params['pass']) : null;
54+
$port = $params['port'] ?? null;
55+
parse_str($params['query'] ?? '', $query);
5656

57-
return new self($parsedDsn['scheme'], $parsedDsn['host'], $user, $password, $port, $query);
57+
return new self($params['scheme'], $params['host'], $user, $password, $port, $query);
5858
}
5959

6060
public function getScheme(): string

‎src/Symfony/Component/Messenger/Bridge/AmazonSqs/Transport/Connection.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Messenger/Bridge/AmazonSqs/Transport/Connection.php
+13-13Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -102,13 +102,13 @@ public function __destruct()
102102
*/
103103
public static function fromDsn(#[\SensitiveParameter] string $dsn, array $options = [], HttpClientInterface $client = null, LoggerInterface $logger = null): self
104104
{
105-
if (false === $parsedUrl = parse_url($dsn)) {
105+
if (false === $params = parse_url($dsn)) {
106106
throw new InvalidArgumentException('The given Amazon SQS DSN is invalid.');
107107
}
108108

109109
$query = [];
110-
if (isset($parsedUrl['query'])) {
111-
parse_str($parsedUrl['query'], $query);
110+
if (isset($params['query'])) {
111+
parse_str($params['query'], $query);
112112
}
113113

114114
// check for extra keys in options
@@ -135,8 +135,8 @@ public static function fromDsn(#[\SensitiveParameter] string $dsn, array $option
135135

136136
$clientConfiguration = [
137137
'region' => $options['region'],
138-
'accessKeyId' => urldecode($parsedUrl['user'] ?? '') ?: $options['access_key'] ?? self::DEFAULT_OPTIONS['access_key'],
139-
'accessKeySecret' => urldecode($parsedUrl['pass'] ?? '') ?: $options['secret_key'] ?? self::DEFAULT_OPTIONS['secret_key'],
138+
'accessKeyId' => rawurldecode($params['user'] ?? '') ?: $options['access_key'] ?? self::DEFAULT_OPTIONS['access_key'],
139+
'accessKeySecret' => rawurldecode($params['pass'] ?? '') ?: $options['secret_key'] ?? self::DEFAULT_OPTIONS['secret_key'],
140140
];
141141
if (null !== $options['session_token']) {
142142
$clientConfiguration['sessionToken'] = $options['session_token'];
@@ -146,16 +146,16 @@ public static function fromDsn(#[\SensitiveParameter] string $dsn, array $option
146146
}
147147
unset($query['region']);
148148

149-
if ('default' !== ($parsedUrl['host'] ?? 'default')) {
150-
$clientConfiguration['endpoint'] = sprintf('%s://%s%s', ($query['sslmode'] ?? null) === 'disable' ? 'http' : 'https', $parsedUrl['host'], ($parsedUrl['port'] ?? null) ? ':'.$parsedUrl['port'] : '');
151-
if (preg_match(';^sqs\.([^\.]++)\.amazonaws\.com$;', $parsedUrl['host'], $matches)) {
149+
if ('default' !== ($params['host'] ?? 'default')) {
150+
$clientConfiguration['endpoint'] = sprintf('%s://%s%s', ($query['sslmode'] ?? null) === 'disable' ? 'http' : 'https', $params['host'], ($params['port'] ?? null) ? ':'.$params['port'] : '');
151+
if (preg_match(';^sqs\.([^\.]++)\.amazonaws\.com$;', $params['host'], $matches)) {
152152
$clientConfiguration['region'] = $matches[1];
153153
}
154154
} elseif (self::DEFAULT_OPTIONS['endpoint'] !== $options['endpoint'] ?? self::DEFAULT_OPTIONS['endpoint']) {
155155
$clientConfiguration['endpoint'] = $options['endpoint'];
156156
}
157157

158-
$parsedPath = explode('/', ltrim($parsedUrl['path'] ?? '/', '/'));
158+
$parsedPath = explode('/', ltrim($params['path'] ?? '/', '/'));
159159
if (\count($parsedPath) > 0 && !empty($queueName = end($parsedPath))) {
160160
$configuration['queue_name'] = $queueName;
161161
}
@@ -165,11 +165,11 @@ public static function fromDsn(#[\SensitiveParameter] string $dsn, array $option
165165
// https://sqs.REGION.amazonaws.com/ACCOUNT/QUEUE
166166
$queueUrl = null;
167167
if (
168-
'https' === $parsedUrl['scheme']
169-
&& ($parsedUrl['host'] ?? 'default') === "sqs.{$clientConfiguration['region']}.amazonaws.com"
170-
&& ($parsedUrl['path'] ?? '/') === "/{$configuration['account']}/{$configuration['queue_name']}"
168+
'https' === $params['scheme']
169+
&& ($params['host'] ?? 'default') === "sqs.{$clientConfiguration['region']}.amazonaws.com"
170+
&& ($params['path'] ?? '/') === "/{$configuration['account']}/{$configuration['queue_name']}"
171171
) {
172-
$queueUrl = 'https://'.$parsedUrl['host'].$parsedUrl['path'];
172+
$queueUrl = 'https://'.$params['host'].$params['path'];
173173
}
174174

175175
return new self($configuration, new SqsClient($clientConfiguration, null, $client, $logger), $queueUrl);

‎src/Symfony/Component/Messenger/Bridge/Amqp/Transport/Connection.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Messenger/Bridge/Amqp/Transport/Connection.php
+10-10Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -162,24 +162,24 @@ public function __construct(array $connectionOptions, array $exchangeOptions, ar
162162
*/
163163
public static function fromDsn(#[\SensitiveParameter] string $dsn, array $options = [], AmqpFactory $amqpFactory = null): self
164164
{
165-
if (false === $parsedUrl = parse_url($dsn)) {
165+
if (false === $params = parse_url($dsn)) {
166166
// this is a valid URI that parse_url cannot handle when you want to pass all parameters as options
167167
if (!\in_array($dsn, ['amqp://', 'amqps://'])) {
168168
throw new InvalidArgumentException('The given AMQP DSN is invalid.');
169169
}
170170

171-
$parsedUrl = [];
171+
$params = [];
172172
}
173173

174174
$useAmqps = str_starts_with($dsn, 'amqps://');
175-
$pathParts = isset($parsedUrl['path']) ? explode('/', trim($parsedUrl['path'], '/')) : [];
175+
$pathParts = isset($params['path']) ? explode('/', trim($params['path'], '/')) : [];
176176
$exchangeName = $pathParts[1] ?? 'messages';
177-
parse_str($parsedUrl['query'] ?? '', $parsedQuery);
177+
parse_str($params['query'] ?? '', $parsedQuery);
178178
$port = $useAmqps ? 5671 : 5672;
179179

180180
$amqpOptions = array_replace_recursive([
181-
'host' => $parsedUrl['host'] ?? 'localhost',
182-
'port' => $parsedUrl['port'] ?? $port,
181+
'host' => $params['host'] ?? 'localhost',
182+
'port' => $params['port'] ?? $port,
183183
'vhost' => isset($pathParts[0]) ? urldecode($pathParts[0]) : '/',
184184
'exchange' => [
185185
'name' => $exchangeName,
@@ -188,12 +188,12 @@ public static function fromDsn(#[\SensitiveParameter] string $dsn, array $option
188188

189189
self::validateOptions($amqpOptions);
190190

191-
if (isset($parsedUrl['user'])) {
192-
$amqpOptions['login'] = urldecode($parsedUrl['user']);
191+
if (isset($params['user'])) {
192+
$amqpOptions['login'] = rawurldecode($params['user']);
193193
}
194194

195-
if (isset($parsedUrl['pass'])) {
196-
$amqpOptions['password'] = urldecode($parsedUrl['pass']);
195+
if (isset($params['pass'])) {
196+
$amqpOptions['password'] = rawurldecode($params['pass']);
197197
}
198198

199199
if (!isset($amqpOptions['queues'])) {

‎src/Symfony/Component/Messenger/Bridge/Doctrine/Transport/Connection.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Messenger/Bridge/Doctrine/Transport/Connection.php
+4-4Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -83,16 +83,16 @@ public function getConfiguration(): array
8383

8484
public static function buildConfiguration(#[\SensitiveParameter] string $dsn, array $options = []): array
8585
{
86-
if (false === $components = parse_url($dsn)) {
86+
if (false === $params = parse_url($dsn)) {
8787
throw new InvalidArgumentException('The given Doctrine Messenger DSN is invalid.');
8888
}
8989

9090
$query = [];
91-
if (isset($components['query'])) {
92-
parse_str($components['query'], $query);
91+
if (isset($params['query'])) {
92+
parse_str($params['query'], $query);
9393
}
9494

95-
$configuration = ['connection' => $components['host']];
95+
$configuration = ['connection' => $params['host']];
9696
$configuration += $query + $options + static::DEFAULT_OPTIONS;
9797

9898
$configuration['auto_setup'] = filter_var($configuration['auto_setup'], \FILTER_VALIDATE_BOOL);

‎src/Symfony/Component/Messenger/Bridge/Redis/Transport/Connection.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Messenger/Bridge/Redis/Transport/Connection.php
+7-7Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -313,22 +313,22 @@ private static function parseDsn(string $dsn, array &$options): array
313313
return 'file:'.($m[1] ?? '');
314314
}, $url);
315315

316-
if (false === $parsedUrl = parse_url($url)) {
316+
if (false === $params = parse_url($url)) {
317317
throw new InvalidArgumentException('The given Redis DSN is invalid.');
318318
}
319319

320320
if (null !== $auth) {
321-
unset($parsedUrl['user']); // parse_url thinks //0@localhost/ is a username of "0"! doh!
322-
$parsedUrl += ($auth ?? []); // But don't worry as $auth array will have user, user/pass or pass as needed
321+
unset($params['user']); // parse_url thinks //0@localhost/ is a username of "0"! doh!
322+
$params += ($auth ?? []); // But don't worry as $auth array will have user, user/pass or pass as needed
323323
}
324324

325-
if (isset($parsedUrl['query'])) {
326-
parse_str($parsedUrl['query'], $dsnOptions);
325+
if (isset($params['query'])) {
326+
parse_str($params['query'], $dsnOptions);
327327
$options = array_merge($options, $dsnOptions);
328328
}
329-
$parsedUrl['scheme'] = $scheme;
329+
$params['scheme'] = $scheme;
330330

331-
return $parsedUrl;
331+
return $params;
332332
}
333333

334334
private function claimOldPendingMessages(): void

‎src/Symfony/Component/Notifier/Transport/Dsn.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Notifier/Transport/Dsn.php
+10-10Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -33,25 +33,25 @@ public function __construct(#[\SensitiveParameter] string $dsn)
3333
{
3434
$this->originalDsn = $dsn;
3535

36-
if (false === $parsedDsn = parse_url($dsn)) {
36+
if (false === $params = parse_url($dsn)) {
3737
throw new InvalidArgumentException('The notifier DSN is invalid.');
3838
}
3939

40-
if (!isset($parsedDsn['scheme'])) {
40+
if (!isset($params['scheme'])) {
4141
throw new InvalidArgumentException('The notifier DSN must contain a scheme.');
4242
}
43-
$this->scheme = $parsedDsn['scheme'];
43+
$this->scheme = $params['scheme'];
4444

45-
if (!isset($parsedDsn['host'])) {
45+
if (!isset($params['host'])) {
4646
throw new InvalidArgumentException('The notifier DSN must contain a host (use "default" by default).');
4747
}
48-
$this->host = $parsedDsn['host'];
48+
$this->host = $params['host'];
4949

50-
$this->user = '' !== ($parsedDsn['user'] ?? '') ? urldecode($parsedDsn['user']) : null;
51-
$this->password = '' !== ($parsedDsn['pass'] ?? '') ? urldecode($parsedDsn['pass']) : null;
52-
$this->port = $parsedDsn['port'] ?? null;
53-
$this->path = $parsedDsn['path'] ?? null;
54-
parse_str($parsedDsn['query'] ?? '', $this->options);
50+
$this->user = isset($params['user']) && '' !== $params['user'] ? rawurldecode($params['user']) : null;
51+
$this->password = isset($params['pass']) && '' !== $params['pass'] ? rawurldecode($params['pass']) : null;
52+
$this->port = $params['port'] ?? null;
53+
$this->path = $params['path'] ?? null;
54+
parse_str($params['query'] ?? '', $this->options);
5555
}
5656

5757
public function getScheme(): string

‎src/Symfony/Component/Translation/Provider/Dsn.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Translation/Provider/Dsn.php
+10-10Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -33,25 +33,25 @@ public function __construct(#[\SensitiveParameter] string $dsn)
3333
{
3434
$this->originalDsn = $dsn;
3535

36-
if (false === $parsedDsn = parse_url($dsn)) {
36+
if (false === $params = parse_url($dsn)) {
3737
throw new InvalidArgumentException('The translation provider DSN is invalid.');
3838
}
3939

40-
if (!isset($parsedDsn['scheme'])) {
40+
if (!isset($params['scheme'])) {
4141
throw new InvalidArgumentException('The translation provider DSN must contain a scheme.');
4242
}
43-
$this->scheme = $parsedDsn['scheme'];
43+
$this->scheme = $params['scheme'];
4444

45-
if (!isset($parsedDsn['host'])) {
45+
if (!isset($params['host'])) {
4646
throw new InvalidArgumentException('The translation provider DSN must contain a host (use "default" by default).');
4747
}
48-
$this->host = $parsedDsn['host'];
48+
$this->host = $params['host'];
4949

50-
$this->user = '' !== ($parsedDsn['user'] ?? '') ? urldecode($parsedDsn['user']) : null;
51-
$this->password = '' !== ($parsedDsn['pass'] ?? '') ? urldecode($parsedDsn['pass']) : null;
52-
$this->port = $parsedDsn['port'] ?? null;
53-
$this->path = $parsedDsn['path'] ?? null;
54-
parse_str($parsedDsn['query'] ?? '', $this->options);
50+
$this->user = isset($params['user']) && '' !== $params['user'] ? rawurldecode($params['user']) : null;
51+
$this->password = isset($params['pass']) && '' !== $params['pass'] ? rawurldecode($params['pass']) : null;
52+
$this->port = $params['port'] ?? null;
53+
$this->path = $params['path'] ?? null;
54+
parse_str($params['query'] ?? '', $this->options);
5555
}
5656

5757
public function getScheme(): string

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.