[HttpKernel] Move handling of conflicting origin IPs to catch block #19233
Conversation
23a588f to
e576986
Compare
| @@ -46,5 +46,9 @@ | ||
| <argument type="service" id="request_stack" /> | ||
| <tag name="kernel.event_subscriber" /> | ||
| </service> | ||
|
|
||
| <service id="validate_request_listener" class="Symfony\Component\HttpKernel\EventListener\RequestListener"> |
There was a problem hiding this comment.
You should also change the id accordingly to the class name, is that a possible BC break?
There was a problem hiding this comment.
Not really, as request_listener can easily conflict with an existing service. But having a disconnect between the class name and the id is strange.
There was a problem hiding this comment.
I suggest, whatever the id is, to add it to the changelog.
c9fee33 to
65db9ec
Compare
| @@ -63,6 +63,9 @@ public function handle(Request $request, $type = HttpKernelInterface::MASTER_REQ | ||
| try { | ||
| return $this->handleRaw($request, $type); | ||
| } catch (\Exception $e) { | ||
| if ($e instanceof ConflictingHeadersException) { |
There was a problem hiding this comment.
To me, this belongs to HttpKernel: it's a low level HttpFoundation exception (the only one), and HttpKernel job's is to map HttpFoundation to event's world, and deal with any kind of events, exceptions included. It's HttpKernel's responsibility to convert HttpFoundation exceptions to HttpKernel's world.
It's not optional at all, and existing HttpKernel users (e.g. Drupal) need to get a BadRequestHttpException that they already know how do deal with. Not this ConflictingHeadersException that comes from lower levels.
The listener below is a nice to have, that adds an early check in the request management process. Totally optional and a smooth feature for the FrameworkBundle.
Thus the split I made here.
That's only my humble opinion and maybe I miss the thing, so I'll move to the listener if you're sure it's the right place.
There was a problem hiding this comment.
That's indeed much better now. 👍
65db9ec to
34c2219
Compare
34c2219 to
db84101
Compare
| @@ -50,4 +50,4 @@ | ||
| } | ||
| } | ||
|
|
||
| file_put_contents('packages.json', json_encode(compact('packages'), $flags)); | ||
| file_put_contents(dirname(__DIR__).'/packages.json', json_encode(compact('packages'), $flags)); |
There was a problem hiding this comment.
yep, I'm debugging travis right now, this PR triggers situations that are not handled correctly today, please don't merge until it's green. I'll post a notice here.
e1bc96d to
db84101
Compare
|
Thank you @nicolas-grekas. |
…catch block (magnusnordlander, nicolas-grekas) This PR was merged into the 2.7 branch. Discussion ---------- [HttpKernel] Move handling of conflicting origin IPs to catch block | Q | A | ------------- | --- | Branch? | 2.7 | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #19217 | License | MIT | Doc PR | - Commits ------- db84101 [HttpKernel] Add listener that checks when request has both Forwarded and X-Forwarded-For 1f00b55 [HttpKernel] Move conflicting origin IPs handling to catch block
Uh oh!
There was an error while loading. Please reload this page.