[Security] Fix for "Call to a member function getBaseUrl() on null" when generating a logout URL and there is no current request #27175
Closed
How can there be no request at this stage? Could you create a small example application that allows us to reproduce this?
After `$response = $kernel->handle($request);` in the front controller, `Symfony\Component\HttpKernel\HttpKernel::finishRequest` is executed and pops the request from the `requestStack`. The `requestStack` is now empty.
Events and other code that is executed after `$kernel->handle` (like terminate events) will find the empty `requestStack`, which is correct, there is no request anymore (response is already sent).
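The empty-stack situation described in the comment above, as an added example that is not part of the PR or of Symfony's code: a toy request stack (hypothetical `ToyRequest`, `ToyRequestStack`, `handle` and `logoutUrl`) shows why a logout URL generator that dereferences the current request fails once `handle()` has returned, next to one possible null guard. The fallback to a path-only URL is an assumption, not the change this PR made.

```php
<?php
// Simplified stand-ins for the behaviour discussed in the thread; NOT Symfony's classes.
final class ToyRequest
{
    private $baseUrl;
    public function __construct(string $baseUrl) { $this->baseUrl = $baseUrl; }
    public function getBaseUrl(): string { return $this->baseUrl; }
}

final class ToyRequestStack
{
    private $requests = [];
    public function push(ToyRequest $r): void { $this->requests[] = $r; }
    public function pop(): ?ToyRequest { return array_pop($this->requests); }
    public function getCurrentRequest(): ?ToyRequest
    {
        return $this->requests ? end($this->requests) : null;
    }
}

// Hypothetical guarded generator (assumption: a path-only URL is acceptable
// when no request is active; it loses the base URL of a sub-directory install).
function logoutUrl(ToyRequestStack $stack, string $logoutPath): string
{
    $request = $stack->getCurrentRequest();
    if (null === $request) {
        // Unguarded code would call $request->getBaseUrl() here and fail with
        // "Call to a member function getBaseUrl() on null".
        return $logoutPath;
    }
    return $request->getBaseUrl() . $logoutPath;
}

// Toy kernel: push the request, run the controller, always pop afterwards.
function handle(ToyRequestStack $stack, ToyRequest $request, callable $controller): string
{
    $stack->push($request);
    try {
        return $controller();
    } finally {
        $stack->pop(); // plays the role of finishRequest in this model
    }
}

$stack = new ToyRequestStack();
$during = handle($stack, new ToyRequest('/app.php'), function () use ($stack) {
    return logoutUrl($stack, '/logout');
});
$after = logoutUrl($stack, '/logout'); // terminate-phase code: stack is empty
var_dump($during, $after);
```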
That's right, but why is the data collector triggered at this stage at all? Collecting data should happen earlier during the `kernel.response` event.
Finally, I found the problem why the data collection is triggered.
During the `kernel.terminate` the thrown exception is caught and forwarded to `Symfony\Component\HttpKernel\HttpKernel::handleException`, just like other exceptions in other phases of the request lifecycle.
The `Symfony\Component\HttpKernel\EventListener\ExceptionListener` dispatches a `kernel.exception` event, this event is listened to by `Symfony\Component\HttpKernel\EventListener\ExceptionListener`.
`Symfony\Component\HttpKernel\EventListener\ExceptionListener` will start a new sub-request, all the normal kernel events are dispatched including `kernel.response`.
At this moment the data collection is triggered, `Symfony\Component\HttpKernel\EventListener\ProfilerListener` listens to the `kernel.response` event and starts the collection.
When the subrequest is handled, it will be pushed onto the stack which therefore shouldn't be empty. So I still think we should first look into an example application that allows us to reproduce the issue and see if there isn't another root cause.
@maartendekeizer would you be able to provide a reproducer we could play with to see how this can arise?
I can only reproduce it on IIS 10, used PHP 7.1.5 and PHP 7.1.18. There is no issue when I use Apache2 with PHP 7.1.18 or Nginx with PHP 7.1.18.
https://github.com/maartendekeizer/symfony-demo-for-27175
After checking out and running `composer install`, visit the page /secure, log in with the button. Change `src/EventListener/TestWithFailureSubscriber.php`. Refresh the /secure page.
I cannot reproduce this behaviour with the built-in web server either. Can you try to debug where the actual difference is when using IIS?