Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 653154d

Browse filesBrowse files
nicolas-grekasnicolas-grekas
committed
[HttpClient] More consistency cleanups
1 parent d4a8e57 commit 653154d
Copy full SHA for 653154d

File tree

Expand file treeCollapse file tree

3 files changed

+13
-17
lines changed
Filter options
Expand file treeCollapse file tree

3 files changed

+13
-17
lines changed

‎src/Symfony/Component/HttpClient/CurlHttpClient.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpClient/CurlHttpClient.php
+4-6Lines changed: 4 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -323,7 +323,7 @@ public function request(string $method, string $url, array $options = []): Respo
323323
}
324324
}
325325

326-
return $pushedResponse ?? new CurlResponse($multi, $ch, $options, $this->logger, $method, self::createRedirectResolver($options, $host, $port), CurlClientState::$curlVersion['version_number'], $url);
326+
return $pushedResponse ?? new CurlResponse($multi, $ch, $options, $this->logger, $method, self::createRedirectResolver($options, $authority), CurlClientState::$curlVersion['version_number'], $url);
327327
}
328328

329329
public function stream(ResponseInterface|iterable $responses, ?float $timeout = null): ResponseStreamInterface
@@ -404,12 +404,11 @@ private static function readRequestBody(int $length, \Closure $body, string &$bu
404404
*
405405
* Work around CVE-2018-1000007: Authorization and Cookie headers should not follow redirects - fixed in Curl 7.64
406406
*/
407-
private static function createRedirectResolver(array $options, string $host, int $port): \Closure
407+
private static function createRedirectResolver(array $options, string $authority): \Closure
408408
{
409409
$redirectHeaders = [];
410410
if (0 < $options['max_redirects']) {
411-
$redirectHeaders['host'] = $host;
412-
$redirectHeaders['port'] = $port;
411+
$redirectHeaders['authority'] = $authority;
413412
$redirectHeaders['with_auth'] = $redirectHeaders['no_auth'] = array_filter($options['headers'], static fn ($h) => 0 !== stripos($h, 'Host:'));
414413

415414
if (isset($options['normalized_headers']['authorization'][0]) || isset($options['normalized_headers']['cookie'][0])) {
@@ -433,8 +432,7 @@ private static function createRedirectResolver(array $options, string $host, int
433432
}
434433

435434
if ($redirectHeaders && isset($location['authority'])) {
436-
$port = parse_url($location['authority'], \PHP_URL_PORT) ?: ('http:' === $location['scheme'] ? 80 : 443);
437-
$requestHeaders = parse_url($location['authority'], \PHP_URL_HOST) === $redirectHeaders['host'] && $redirectHeaders['port'] === $port ? $redirectHeaders['with_auth'] : $redirectHeaders['no_auth'];
435+
$requestHeaders = $location['authority'] === $redirectHeaders['authority'] ? $redirectHeaders['with_auth'] : $redirectHeaders['no_auth'];
438436
curl_setopt($ch, \CURLOPT_HTTPHEADER, $requestHeaders);
439437
} elseif ($noContent && $redirectHeaders) {
440438
curl_setopt($ch, \CURLOPT_HTTPHEADER, $redirectHeaders['with_auth']);

‎src/Symfony/Component/HttpClient/NativeHttpClient.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpClient/NativeHttpClient.php
+5-5Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -275,7 +275,7 @@ public function request(string $method, string $url, array $options = []): Respo
275275
$url['authority'] = substr_replace($url['authority'], $ip, -\strlen($host) - \strlen($port), \strlen($host));
276276
}
277277

278-
return [self::createRedirectResolver($options, $host, $port, $proxy, $info, $onProgress), implode('', $url)];
278+
return [self::createRedirectResolver($options, $ur['authority'], $proxy, $info, $onProgress), implode('', $url)];
279279
};
280280

281281
return new NativeResponse($this->multi, $context, implode('', $url), $options, $info, $resolver, $onProgress, $this->logger);
@@ -373,11 +373,11 @@ private static function dnsResolve(string $host, NativeClientState $multi, array
373373
/**
374374
* Handles redirects - the native logic is too buggy to be used.
375375
*/
376-
private static function createRedirectResolver(array $options, string $host, string $port, ?array $proxy, array &$info, ?\Closure $onProgress): \Closure
376+
private static function createRedirectResolver(array $options, string $authority, ?array $proxy, array &$info, ?\Closure $onProgress): \Closure
377377
{
378378
$redirectHeaders = [];
379379
if (0 < $maxRedirects = $options['max_redirects']) {
380-
$redirectHeaders = ['host' => $host, 'port' => $port];
380+
$redirectHeaders = ['authority' => $authority];
381381
$redirectHeaders['with_auth'] = $redirectHeaders['no_auth'] = array_filter($options['headers'], static fn ($h) => 0 !== stripos($h, 'Host:'));
382382

383383
if (isset($options['normalized_headers']['authorization']) || isset($options['normalized_headers']['cookie'])) {
@@ -435,8 +435,8 @@ private static function createRedirectResolver(array $options, string $host, str
435435
[$host, $port] = self::parseHostPort($url, $info);
436436

437437
if ($locationHasHost) {
438-
// Authorization and Cookie headers MUST NOT follow except for the initial host name
439-
$requestHeaders = $redirectHeaders['host'] === $host && $redirectHeaders['port'] === $port ? $redirectHeaders['with_auth'] : $redirectHeaders['no_auth'];
438+
// Authorization and Cookie headers MUST NOT follow except for the initial authority name
439+
$requestHeaders = $redirectHeaders['authority'] === $url['authority'] ? $redirectHeaders['with_auth'] : $redirectHeaders['no_auth'];
440440
$requestHeaders[] = 'Host: '.$host.$port;
441441
$dnsResolve = !self::configureHeadersAndProxy($context, $host, $requestHeaders, $proxy, 'https:' === $url['scheme']);
442442
} else {

‎src/Symfony/Component/HttpClient/Response/AmpResponse.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpClient/Response/AmpResponse.php
+4-6Lines changed: 4 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -339,16 +339,14 @@ private static function followRedirects(Request $originRequest, AmpClientState $
339339
$request->setTlsHandshakeTimeout($originRequest->getTlsHandshakeTimeout());
340340
$request->setTransferTimeout($originRequest->getTransferTimeout());
341341

342-
if (\in_array($status, [301, 302, 303], true)) {
342+
if (303 === $status || \in_array($status, [301, 302], true) && 'POST' === $response->getRequest()->getMethod()) {
343+
// Do like curl and browsers: turn POST to GET on 301, 302 and 303
343344
$originRequest->removeHeader('transfer-encoding');
344345
$originRequest->removeHeader('content-length');
345346
$originRequest->removeHeader('content-type');
346347

347-
// Do like curl and browsers: turn POST to GET on 301, 302 and 303
348-
if ('POST' === $response->getRequest()->getMethod() || 303 === $status) {
349-
$info['http_method'] = 'HEAD' === $response->getRequest()->getMethod() ? 'HEAD' : 'GET';
350-
$request->setMethod($info['http_method']);
351-
}
348+
$info['http_method'] = 'HEAD' === $response->getRequest()->getMethod() ? 'HEAD' : 'GET';
349+
$request->setMethod($info['http_method']);
352350
} else {
353351
$request->setBody(AmpBody::rewind($response->getRequest()->getBody()));
354352
}

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.