Merge branch '6.4' into 7.1
* 6.4:
  Do not read from argv on non-CLI SAPIs
  [Process] Use %PATH% before %CD% to load the shell on Windows
  [HttpFoundation] Reject URIs that contain invalid characters
  [HttpClient] Filter private IPs before connecting when Host == IP
nicolas-grekas committed Nov 5, 2024
2 parents 4f4d5a2 + ba020a3 commit cd65d42
Showing 2 changed files with 45 additions and 9 deletions.
17 changes: 17 additions & 0 deletions Request.php
Expand Up @@ -11,6 +11,7 @@

namespace Symfony\Component\HttpFoundation;

use Symfony\Component\HttpFoundation\Exception\BadRequestException;
use Symfony\Component\HttpFoundation\Exception\ConflictingHeadersException;
use Symfony\Component\HttpFoundation\Exception\JsonException;
use Symfony\Component\HttpFoundation\Exception\SessionNotFoundException;
Expand Down Expand Up @@ -276,6 +277,8 @@ public static function createFromGlobals(): static
* @param array $files The request files ($_FILES)
* @param array $server The server parameters ($_SERVER)
* @param string|resource|null $content The raw body data
*
* @throws BadRequestException When the URI is invalid
*/
public static function create(string $uri, string $method = 'GET', array $parameters = [], array $cookies = [], array $files = [], array $server = [], $content = null): static
{
Expand Down Expand Up @@ -303,6 +306,20 @@ public static function create(string $uri, string $method = 'GET', array $parame
throw new \InvalidArgumentException(sprintf('Malformed URI "%s".', $uri));
}

if (false === $components) {
throw new BadRequestException('Invalid URI.');
}

if (false !== ($i = strpos($uri, '\\')) && $i < strcspn($uri, '?#')) {
throw new BadRequestException('Invalid URI: A URI cannot contain a backslash.');
}
if (\strlen($uri) !== strcspn($uri, "\r\n\t")) {
throw new BadRequestException('Invalid URI: A URI cannot contain CR/LF/TAB characters.');
}
if ('' !== $uri && (\ord($uri[0]) <= 32 || \ord($uri[-1]) <= 32)) {
throw new BadRequestException('Invalid URI: A URI must not start nor end with ASCII control characters or spaces.');
}

if (isset($components['host'])) {
$server['SERVER_NAME'] = $components['host'];
$server['HTTP_HOST'] = $components['host'];
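Review bot: The new control-character checks are asymmetric: the `strcspn($uri, "\r\n\t")` test rejects only CR, LF and TAB anywhere in the string, while the `\ord($uri[0]) <= 32 || \ord($uri[-1]) <= 32` test rejects every C0 byte but only at the first and last position, so a NUL or other control byte embedded mid-URI (e.g. `"/foo\0bar"`) passes all three guards and reaches the rest of `create()`. RFC 3986 allows none of these bytes unencoded, and whether a consumer further down treats an embedded NUL safely is not visible from this hunk, so rejecting the whole range is the cheaper contract to reason about: `if (preg_match('/[\x00-\x1F\x7F]/', $uri)) { throw new BadRequestException('Invalid URI: A URI cannot contain control characters.'); }` in place of the CR/LF/TAB check, keeping the existing edge check for a leading or trailing space (0x20). The `false === $components` branch sits directly behind the existing `Malformed URI` `\InvalidArgumentException` whose guard lies above the hunk; a one-line comment stating which `parse_url()` failures reach this branch rather than that one would help the next reader, since at first glance the two look redundant. `create()` begins and ends outside the hunk.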
37 changes: 28 additions & 9 deletions Tests/RequestTest.php
Expand Up @@ -12,6 +12,7 @@
namespace Symfony\Component\HttpFoundation\Tests;

use PHPUnit\Framework\TestCase;
use Symfony\Component\HttpFoundation\Exception\BadRequestException;
use Symfony\Component\HttpFoundation\Exception\ConflictingHeadersException;
use Symfony\Component\HttpFoundation\Exception\JsonException;
use Symfony\Component\HttpFoundation\Exception\SuspiciousOperationException;
Expand Down Expand Up @@ -289,9 +290,34 @@ public function testCreateWithRequestUri()
$this->assertTrue($request->isSecure());

// Fragment should not be included in the URI
$request = Request::create('http://test.com/foo#bar');
$request->server->set('REQUEST_URI', 'http://test.com/foo#bar');
$request = Request::create('http://test.com/foo#bar\\baz');
$request->server->set('REQUEST_URI', 'http://test.com/foo#bar\\baz');
$this->assertEquals('http://test.com/foo', $request->getUri());

$request = Request::create('http://test.com/foo?bar=f\\o');
$this->assertEquals('http://test.com/foo?bar=f%5Co', $request->getUri());
$this->assertEquals('/foo', $request->getPathInfo());
$this->assertEquals('bar=f%5Co', $request->getQueryString());
}

/**
* @testWith ["http://foo.com\\bar"]
* ["\\\\foo.com/bar"]
* ["a\rb"]
* ["a\nb"]
* ["a\tb"]
* ["\u0000foo"]
* ["foo\u0000"]
* [" foo"]
* ["foo "]
* [":"]
*/
public function testCreateWithBadRequestUri(string $uri)
{
$this->expectException(BadRequestException::class);
$this->expectExceptionMessage('Invalid URI');

Request::create($uri);
}

/**
Expand Down Expand Up @@ -2655,13 +2681,6 @@ public function testReservedFlags()
$this->assertNotSame(0b10000000, $value, sprintf('The constant "%s" should not use the reserved value "0b10000000".', $constant));
}
}

public function testMalformedUriCreationException()
{
$this->expectException(\InvalidArgumentException::class);
$this->expectExceptionMessage('Malformed URI "/invalid-path:123".');
Request::create('/invalid-path:123');
}
}

class RequestContentProxy extends Request
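Review bot: The `@testWith` list for `testCreateWithBadRequestUri` exercises control bytes only at the edges of the URI (`"\u0000foo"`, `"foo\u0000"`) and, mid-string, only CR, LF and TAB, so the behaviour for a control byte embedded in the middle (`"foo\u0000bar"`) is not pinned by any case. Adding `["foo\u0000bar"]` and `["/a\u000bb"]` to the list would state that contract explicitly; if the implementation in Request.php only checks the first and last byte for NUL, as the hunk on that side suggests, these cases will fail and expose the gap. The removed `testMalformedUriCreationException` was the only case covering the `Malformed URI` `\InvalidArgumentException` path, which still appears as a context line in Request.php, so a replacement case for that branch (or a note that it is now unreachable) would keep its coverage from silently disappearing. `testCreateWithRequestUri` begins above the hunk.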
