symfony
diff --git a/‎src/Symfony/Component/Debug/Exception/FlattenException.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Debug/Exception/FlattenException.php
+2-2Lines changed: 2 additions & 2 deletions b/‎src/Symfony/Component/Debug/Exception/FlattenException.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Debug/Exception/FlattenException.php
+2-2Lines changed: 2 additions & 2 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Exception/ConflictingHeadersException.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Exception/ConflictingHeadersException.php
+1-3Lines changed: 1 addition & 3 deletions b/‎src/Symfony/Component/HttpFoundation/Exception/ConflictingHeadersException.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Exception/ConflictingHeadersException.php
+1-3Lines changed: 1 addition & 3 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Exception/RequestExceptionInterface.php
Copy file name to clipboard
+21Lines changed: 21 additions & 0 deletions b/‎src/Symfony/Component/HttpFoundation/Exception/RequestExceptionInterface.php
Copy file name to clipboard
+21Lines changed: 21 additions & 0 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Exception/SuspiciousOperationException.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Exception/SuspiciousOperationException.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/HttpFoundation/Exception/SuspiciousOperationException.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Exception/SuspiciousOperationException.php
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/HttpFoundation/Request.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Request.php
+22-4Lines changed: 22 additions & 4 deletions b/‎src/Symfony/Component/HttpFoundation/Request.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Request.php
+22-4Lines changed: 22 additions & 4 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/HttpKernel/EventListener/RouterListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/EventListener/RouterListener.php
+1-6Lines changed: 1 addition & 6 deletions b/‎src/Symfony/Component/HttpKernel/EventListener/RouterListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/EventListener/RouterListener.php
+1-6Lines changed: 1 addition & 6 deletions
diff --git a/‎src/Symfony/Component/HttpKernel/EventListener/ValidateRequestListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/EventListener/ValidateRequestListener.php
+3-3Lines changed: 3 additions & 3 deletions b/‎src/Symfony/Component/HttpKernel/EventListener/ValidateRequestListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/EventListener/ValidateRequestListener.php
+3-3Lines changed: 3 additions & 3 deletions
diff --git a/‎src/Symfony/Component/HttpKernel/HttpKernel.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/HttpKernel.php
+3-3Lines changed: 3 additions & 3 deletions b/‎src/Symfony/Component/HttpKernel/HttpKernel.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/HttpKernel.php
+3-3Lines changed: 3 additions & 3 deletions
diff --git a/‎src/Symfony/Component/HttpKernel/Tests/EventListener/RouterListenerTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/Tests/EventListener/RouterListenerTest.php
+30-2Lines changed: 30 additions & 2 deletions b/‎src/Symfony/Component/HttpKernel/Tests/EventListener/RouterListenerTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/Tests/EventListener/RouterListenerTest.php
+30-2Lines changed: 30 additions & 2 deletions
diff --git a/‎src/Symfony/Component/HttpKernel/composer.json
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/composer.json
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/HttpKernel/composer.json
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/composer.json
+1-1Lines changed: 1 addition & 1 deletion
@@ -11,7 +11,7 @@
 
 namespace Symfony\Component\Debug\Exception;
 
-use Symfony\Component\HttpFoundation\Exception\SuspiciousOperationException;
+use Symfony\Component\HttpFoundation\Exception\RequestExceptionInterface;
 use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface;
 
 /**
@@ -42,7 +42,7 @@ public static function create(\Exception $exception, $statusCode = null, array $
         if ($exception instanceof HttpExceptionInterface) {
             $statusCode = $exception->getStatusCode();
             $headers = array_merge($headers, $exception->getHeaders());
-        } elseif ($exception instanceof SuspiciousOperationException) {
+        } elseif ($exception instanceof RequestExceptionInterface) {
             $statusCode = 400;
         }
 
 
@@ -14,10 +14,8 @@
 /**
  * The HTTP request contains headers with conflicting information.
  *
- * This exception should trigger an HTTP 400 response in your application code.
- *
  * @author Magnus Nordlander <magnus@fervo.se>
  */
-class ConflictingHeadersException extends \RuntimeException
+class ConflictingHeadersException extends \UnexpectedValueException implements RequestExceptionInterface
 {
 }
@@ -0,0 +1,21 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\HttpFoundation\Exception;
+
+/**
+ * Interface for Request exceptions.
+ *
+ * Exceptions implementing this interface should trigger an HTTP 400 response in the application code.
+ */
+interface RequestExceptionInterface
+{
+}
@@ -15,6 +15,6 @@
  * Raised when a user has performed an operation that should be considered
  * suspicious from a security perspective.
  */
-class SuspiciousOperationException extends \UnexpectedValueException
+class SuspiciousOperationException extends \UnexpectedValueException implements RequestExceptionInterface
 {
 }
@@ -207,6 +207,9 @@ class Request
 
     protected static $requestFactory;
 
+    private $isHostValid = true;
+    private $isClientIpsValid = true;
+
     /**
      * Constructor.
      *
@@ -820,7 +823,12 @@ public function getClientIps()
         }
 
         if ($hasTrustedForwardedHeader && $hasTrustedClientIpHeader && $forwardedClientIps !== $xForwardedForClientIps) {
-            throw new ConflictingHeadersException('The request has both a trusted Forwarded header and a trusted Client IP header, conflicting with each other with regards to the originating IP addresses of the request. This is the result of a misconfiguration. You should either configure your proxy only to send one of these headers, or configure Symfony to distrust one of them.');
+            if (!$this->isClientIpsValid) {
+                return array('0.0.0.0');
+            }
+            $this->isClientIpsValid = false;
+
+            throw new ConflictingHeadersException('The request has both a trusted Forwarded header and a trusted Client IP header, conflicting with each other with regards to the originating IP addresses of the request. This is the result of a misconfiguration. You should either configure your proxy only to send one of these headers, or configure your project to distrust one of them.');
         }
 
         if (!$hasTrustedForwardedHeader && !$hasTrustedClientIpHeader) {
@@ -1199,7 +1207,7 @@ public function isSecure()
      *
      * @return string
      *
-     * @throws SuspiciousOperationException when the host name is invalid
+     * @throws SuspiciousOperationException when the host name is invalid or not trusted
      */
     public function getHost()
     {
@@ -1221,7 +1229,12 @@ public function getHost()
         // check that it does not contain forbidden characters (see RFC 952 and RFC 2181)
         // use preg_replace() instead of preg_match() to prevent DoS attacks with long host names
         if ($host && '' !== preg_replace('/(?:^\[)?[a-zA-Z0-9-:\]_]+\.?/', '', $host)) {
-            throw new SuspiciousOperationException(sprintf('Invalid Host "%s"', $host));
+            if (!$this->isHostValid) {
+                return '';
+            }
+            $this->isHostValid = false;
+
+            throw new SuspiciousOperationException(sprintf('Invalid Host "%s".', $host));
         }
 
         if (count(self::$trustedHostPatterns) > 0) {
@@ -1239,7 +1252,12 @@ public function getHost()
                 }
             }
 
-            throw new SuspiciousOperationException(sprintf('Untrusted Host "%s"', $host));
+            if (!$this->isHostValid) {
+                return '';
+            }
+            $this->isHostValid = false;
+
+            throw new SuspiciousOperationException(sprintf('Untrusted Host "%s".', $host));
         }
 
         return $host;
 
@@ -1873,7 +1873,7 @@ public function testTrustedHosts()
             $request->getHost();
             $this->fail('Request::getHost() should throw an exception when host is not trusted.');
         } catch (SuspiciousOperationException $e) {
-            $this->assertEquals('Untrusted Host "evil.com"', $e->getMessage());
+            $this->assertEquals('Untrusted Host "evil.com".', $e->getMessage());
         }
 
         // trusted hosts
 
@@ -12,7 +12,6 @@
 namespace Symfony\Component\HttpKernel\EventListener;
 
 use Psr\Log\LoggerInterface;
-use Symfony\Component\HttpFoundation\Exception\SuspiciousOperationException;
 use Symfony\Component\HttpKernel\Event\GetResponseEvent;
 use Symfony\Component\HttpKernel\Event\FinishRequestEvent;
 use Symfony\Component\HttpKernel\KernelEvents;
@@ -69,11 +68,7 @@ public function __construct($matcher, RequestStack $requestStack, RequestContext
     private function setCurrentRequest(Request $request = null)
     {
         if (null !== $request) {
-            try {
-                $this->context->fromRequest($request);
-            } catch (SuspiciousOperationException $e) {
-                // Do nothing.
-            }
+            $this->context->fromRequest($request);
         }
     }
 
 
@@ -16,8 +16,7 @@
 use Symfony\Component\HttpKernel\KernelEvents;
 
 /**
- * Validates that the headers and other information indicating the
- * client IP address of a request are consistent.
+ * Validates Requests.
  *
  * @author Magnus Nordlander <magnus@fervo.se>
  */
@@ -36,9 +35,10 @@ public function onKernelRequest(GetResponseEvent $event)
         $request = $event->getRequest();
 
         if ($request::getTrustedProxies()) {
-            // This will throw an exception if the headers are inconsistent.
             $request->getClientIps();
         }
+
+        $request->getHost();
     }
 
     /**
 
@@ -25,7 +25,7 @@
 use Symfony\Component\HttpKernel\Event\GetResponseForControllerResultEvent;
 use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent;
 use Symfony\Component\HttpKernel\Event\PostResponseEvent;
-use Symfony\Component\HttpFoundation\Exception\ConflictingHeadersException;
+use Symfony\Component\HttpFoundation\Exception\RequestExceptionInterface;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\RequestStack;
 use Symfony\Component\HttpFoundation\Response;
@@ -67,8 +67,8 @@ public function handle(Request $request, $type = HttpKernelInterface::MASTER_REQ
         try {
             return $this->handleRaw($request, $type);
         } catch (\Exception $e) {
-            if ($e instanceof ConflictingHeadersException) {
-                $e = new BadRequestHttpException('The request headers contain conflicting information regarding the origin of this request.', $e);
+            if ($e instanceof RequestExceptionInterface) {
+                $e = new BadRequestHttpException($e->getMessage(), $e);
             }
             if (false === $catch) {
                 $this->finishRequest($request, $type);
 
@@ -9,11 +9,17 @@
  * file that was distributed with this source code.
  */
 
-namespace Symfony\Component\HttpKernel\Tests\EventListener;
-
+use Symfony\Component\EventDispatcher\EventDispatcher;
 use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\RequestStack;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\Controller\ArgumentResolver;
+use Symfony\Component\HttpKernel\Controller\ControllerResolver;
+use Symfony\Component\HttpKernel\EventListener\ExceptionListener;
 use Symfony\Component\HttpKernel\EventListener\RouterListener;
+use Symfony\Component\HttpKernel\EventListener\ValidateRequestListener;
 use Symfony\Component\HttpKernel\HttpKernelInterface;
+use Symfony\Component\HttpKernel\HttpKernel;
 use Symfony\Component\HttpKernel\Event\GetResponseEvent;
 use Symfony\Component\Routing\RequestContext;
 
@@ -154,4 +160,26 @@ public function getLoggingParameterData()
             array(array(), 'Matched route "{route}".', array('route' => 'n/a', 'route_parameters' => array(), 'request_uri' => 'http://localhost/', 'method' => 'GET')),
         );
     }
+
+    public function testWithBadRequest()
+    {
+        $requestStack = new RequestStack();
+
+        $requestMatcher = $this->getMock('Symfony\Component\Routing\Matcher\RequestMatcherInterface');
+        $requestMatcher->expects($this->never())->method('matchRequest');
+
+        $dispatcher = new EventDispatcher();
+        $dispatcher->addSubscriber(new ValidateRequestListener());
+        $dispatcher->addSubscriber(new RouterListener($requestMatcher, $requestStack, new RequestContext()));
+        $dispatcher->addSubscriber(new ExceptionListener(function () {
+            return new Response('Exception handled', 400);
+        }));
+
+        $kernel = new HttpKernel($dispatcher, new ControllerResolver(), $requestStack, new ArgumentResolver());
+
+        $request = Request::create('http://localhost/');
+        $request->headers->set('host', '###');
+        $response = $kernel->handle($request);
+        $this->assertSame(400, $response->getStatusCode());
+    }
 }
@@ -18,7 +18,7 @@
     "require": {
         "php": ">=5.5.9",
         "symfony/event-dispatcher": "~2.8|~3.0",
-        "symfony/http-foundation": "~2.8.13|~3.1.6|~3.2",
+        "symfony/http-foundation": "~3.3",
         "symfony/debug": "~2.8|~3.0",
         "psr/log": "~1.0"
     },
Original file line number	Diff line number	Diff line change
`@@ -14,10 +14,8 @@`
`14`	`14`	`/**`
`15`	`15`	`* The HTTP request contains headers with conflicting information.`
`16`	`16`	`*`
`17`		`- * This exception should trigger an HTTP 400 response in your application code.`
`18`		`- *`
`19`	`17`	`* @author Magnus Nordlander <magnus@fervo.se>`
`20`	`18`	`*/`
`21`		`-class ConflictingHeadersException extends \RuntimeException`
	`19`	`+class ConflictingHeadersException extends \UnexpectedValueException implements RequestExceptionInterface`
`22`	`20`	`{`
`23`	`21`	`}`
Original file line number	Diff line number	Diff line change
`@@ -15,6 +15,6 @@`
`15`	`15`	`* Raised when a user has performed an operation that should be considered`
`16`	`16`	`* suspicious from a security perspective.`
`17`	`17`	`*/`
`18`		`-class SuspiciousOperationException extends \UnexpectedValueException`
	`18`	`+class SuspiciousOperationException extends \UnexpectedValueException implements RequestExceptionInterface`
`19`	`19`	`{`
`20`	`20`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1873,7 +1873,7 @@ public function testTrustedHosts()`
`1873`	`1873`	`$request->getHost();`
`1874`	`1874`	`$this->fail('Request::getHost() should throw an exception when host is not trusted.');`
`1875`	`1875`	`} catch (SuspiciousOperationException $e) {`
`1876`		`- $this->assertEquals('Untrusted Host "evil.com"', $e->getMessage());`
	`1876`	`+ $this->assertEquals('Untrusted Host "evil.com".', $e->getMessage());`
`1877`	`1877`	`}`
`1878`	`1878`
`1879`	`1879`	`// trusted hosts`