8000 Merge branch '5.4' into 6.0 · symfony/symfony@970fdb0 · GitHub

Commit 970fdb0

committed
Merge branch '5.4' into 6.0
* 5.4: [HttpFoundation] Always return strings from accept headers decode URL-encoded characters in DSN's usernames/passwords [Security/Http] cs fixes
2 parents 2944d64 + 308edb5 commit 970fdb0


7 files changed

+35
-20
lines changed


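--- a/src/Symfony/Component/HttpFoundation/Request.php
+++ b/src/Symfony/Component/HttpFoundation/Request.php
@@ -1575,7 +1575,8 @@ public function getLanguages(): array
 
 $languages = AcceptHeader::fromString($this->headers->get('Accept-Language'))->all();
 $this->languages = [];
-foreach ($languages as $lang => $acceptHeaderItem) {
+foreach ($languages as $acceptHeaderItem) {
+$lang = $acceptHeaderItem->getValue();
 if (str_contains($lang, '-')) {
 $codes = explode('-', $lang);
 if ('i' === $codes[0]) {
@@ -1611,7 +1612,7 @@ public function getCharsets(): array
 return $this->charsets;
 }
 
-return $this->charsets = array_keys(AcceptHeader::fromString($this->headers->get('Accept-Charset'))->all());
+return $this->charsets = array_map('strval', array_keys(AcceptHeader::fromString($this->headers->get('Accept-Charset'))->all()));
 }
 
 /**
@@ -1623,7 +1624,7 @@ public function getEncodings(): array
 return $this->encodings;
 }
 
-return $this->encodings = array_keys(AcceptHeader::fromString($this->headers->get('Accept-Encoding'))->all());
+return $this->encodings = array_map('strval', array_keys(AcceptHeader::fromString($this->headers->get('Accept-Encoding'))->all()));
 }
 
 /**
@@ -1635,7 +1636,7 @@ public function getAcceptableContentTypes(): array
 return $this->acceptableContentTypes;
 }
 
-return $this->acceptableContentTypes = array_keys(AcceptHeader::fromString($this->headers->get('Accept'))->all());
+return $this->acceptableContentTypes = array_map('strval', array_keys(AcceptHeader::fromString($this->headers->get('Accept'))->all()));
 }
 
 /**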
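Review bot: The three `array_map('strval', array_keys(...))` returns in getCharsets(), getEncodings() and getAcceptableContentTypes() have no comment saying why the cast is there, and the reason is easy to miss: PHP stores integer-like string array keys as int, so a client-supplied header value such as `123` would otherwise come back as an int from getters meant to return strings. I would add a line above each, for example `// array_keys() yields int for numeric header values; cast so callers always receive strings`. getLanguages() handles the same problem differently, by reading `$acceptHeaderItem->getValue()`; using one approach in all four getters would be easier to audit, assuming the items are keyed by their value. All four method bodies start or end outside the hunks shown.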

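--- a/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
+++ b/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
@@ -1607,6 +1607,20 @@ public function testGetLanguages()
 $this->assertEquals(['zh', 'cherokee'], $request->getLanguages());
 }
 
+public function testGetAcceptHeadersReturnString()
+{
+$request = new Request();
+$request->headers->set('Accept', '123');
+$request->headers->set('Accept-Charset', '123');
+$request->headers->set('Accept-Encoding', '123');
+$request->headers->set('Accept-Language', '123');
+
+$this->assertSame(['123'], $request->getAcceptableContentTypes());
+$this->assertSame(['123'], $request->getCharsets());
+$this->assertSame(['123'], $request->getEncodings());
+$this->assertSame(['123'], $request->getLanguages());
+}
+
 public function testGetRequestFormat()
 {
 $request = new Request();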
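Review bot: testGetAcceptHeadersReturnString() sets only a single, purely numeric token on each header, so it does not cover a header that mixes numeric and non-numeric entries or carries quality values. These headers are client-controlled, so a second case such as `$request->headers->set('Accept', '123, text/html;q=0.5');` with `$this->assertSame(['123', 'text/html'], $request->getAcceptableContentTypes());` would pin both the string type and the ordering when int and string keys sit in the same array; the expected order assumes entries are sorted by descending quality. A numeric language value containing a hyphen would also exercise the `str_contains($lang, '-')` branch of getLanguages().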

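--- a/src/Symfony/Component/Messenger/Bridge/Amqp/Transport/Connection.php
+++ b/src/Symfony/Component/Messenger/Bridge/Amqp/Transport/Connection.php
@@ -183,11 +183,11 @@ public static function fromDsn(string $dsn, array $options = [], AmqpFactory $am
 self::validateOptions($amqpOptions);
 
 if (isset($parsedUrl['user'])) {
-$amqpOptions['login'] = $parsedUrl['user'];
+$amqpOptions['login'] = urldecode($parsedUrl['user']);
 }
 
 if (isset($parsedUrl['pass'])) {
-$amqpOptions['password'] = $parsedUrl['pass'];
+$amqpOptions['password'] = urldecode($parsedUrl['pass']);
 }
 
 if (!isset($amqpOptions['queues'])) {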
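Review bot: `urldecode()` on `$parsedUrl['user']` and `$parsedUrl['pass']` also turns a literal `+` into a space, which is form-encoding behaviour and not how the userinfo part of a URL is defined. A credential that contains `+` and was accepted unencoded before this change will now reach the broker altered, and authentication will fail. `rawurldecode()` decodes only percent-escapes and fits here: `$amqpOptions['login'] = rawurldecode($parsedUrl['user']);` and `$amqpOptions['password'] = rawurldecode($parsedUrl['pass']);`. The same applies to the `$pass` and `$user` lines in Messenger/Bridge/Redis/Transport/Connection.php. fromDsn() starts and ends outside the hunk, so how `$parsedUrl` is produced is not visible here.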

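--- a/src/Symfony/Component/Messenger/Bridge/Redis/Transport/Connection.php
+++ b/src/Symfony/Component/Messenger/Bridge/Redis/Transport/Connection.php
@@ -224,8 +224,8 @@ public static function fromDsn(string $dsn, array $redisOptions = [], \Redis|\Re
 ];
 
 if (isset($parsedUrl['host'])) {
-$pass = '' !== ($parsedUrl['pass'] ?? '') ? $parsedUrl['pass'] : null;
-$user = '' !== ($parsedUrl['user'] ?? '') ? $parsedUrl['user'] : null;
+$pass = '' !== ($parsedUrl['pass'] ?? '') ? urldecode($parsedUrl['pass']) : null;
+$user = '' !== ($parsedUrl['user'] ?? '') ? urldecode($parsedUrl['user']) : null;
 $connectionCredentials = [
 'host' => $parsedUrl['host'] ?? '127.0.0.1',
 'port' => $parsedUrl['port'] ?? 6379,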

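--- a/src/Symfony/Component/Security/Core/Signature/SignatureHasher.php
+++ b/src/Symfony/Component/Security/Core/Signature/SignatureHasher.php
@@ -31,9 +31,9 @@ class SignatureHasher
 private ?int $maxUses;
 
 /**
-* @param array $signatureProperties properties of the User; the hash is invalidated if these properties change
-* @param ExpiredSignatureStorage|null $expiredSignaturesStorage if provided, secures a sequence of hashes that are expired
-* @param int|null $maxUses used together with $expiredSignatureStorage to allow a maximum usage of a hash
+* @param array $signatureProperties Properties of the User; the hash is invalidated if these properties change
+* @param ExpiredSignatureStorage|null $expiredSignaturesStorage If provided, secures a sequence of hashes that are expired
+* @param int|null $maxUses Used together with $expiredSignatureStorage to allow a maximum usage of a hash
 */
 public function __construct(PropertyAccessorInterface $propertyAccessor, array $signatureProperties, string $secret, ExpiredSignatureStorage $expiredSignaturesStorage = null, int $maxUses = null)
 {
@@ -47,8 +47,8 @@ public function __construct(PropertyAccessorInterface $propertyAccessor, array $
 /**
 * Verifies the hash using the provided user and expire time.
 *
-* @param int $expires the expiry time as a unix timestamp
-* @param string $hash the plaintext hash provided by the request
+* @param int $expires The expiry time as a unix timestamp
+* @param string $hash The plaintext hash provided by the request
 *
 * @throws InvalidSignatureException If the signature does not match the provided parameters
 * @throws ExpiredSignatureException If the signature is no longer valid
@@ -75,7 +75,7 @@ public function verifySignatureHash(UserInterface $user, int $expires, string $h
 /**
 * Computes the secure hash for the provided user and expire time.
 *
-* @param int $expires the expiry time as a unix timestamp
+* @param int $expires The expiry time as a unix timestamp
 */
 public function computeSignatureHash(UserInterface $user, int $expires): string
 {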

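--- a/src/Symfony/Component/Security/Http/LoginLink/LoginLinkHandler.php
+++ b/src/Symfony/Component/Security/Http/LoginLink/LoginLinkHandler.php
@@ -31,13 +31,13 @@ final class LoginLinkHandler implements LoginLinkHandlerInterface
 private $urlGenerator;
 private $userProvider;
 private array $options;
-private $signatureHashUtil;
+private $signatureHasher;
 
-public function __construct(UrlGeneratorInterface $urlGenerator, UserProviderInterface $userProvider, SignatureHasher $signatureHashUtil, array $options)
+public function __construct(UrlGeneratorInterface $urlGenerator, UserProviderInterface $userProvider, SignatureHasher $signatureHasher, array $options)
 {
 $this->urlGenerator = $urlGenerator;
 $this->userProvider = $userProvider;
-$this->signatureHashUtil = $signatureHashUtil;
+$this->signatureHasher = $signatureHasher;
 $this->options = array_merge([
 'route_name' => null,
 'lifetime' => 600,
@@ -52,7 +52,7 @@ public function createLoginLink(UserInterface $user, Request $request = null): L
 $parameters = [
 'user' => $user->getUserIdentifier(),
 'expires' => $expires,
-'hash' => $this->signatureHashUtil->computeSignatureHash($user, $expires),
+'hash' => $this->signatureHasher->computeSignatureHash($user, $expires),
 ];
 
 if ($request) {
@@ -93,7 +93,7 @@ public function consumeLoginLink(Request $request): UserInterface
 $expires = $request->get('expires');
 
 try {
-$this->signatureHashUtil->verifySignatureHash($user, $expires, $hash);
+$this->signatureHasher->verifySignatureHash($user, $expires, $hash);
 } catch (ExpiredSignatureException $e) {
 throw new ExpiredLoginLinkException(ucfirst(str_ireplace('signature', 'login link', $e->getMessage())), 0, $e);
 } catch (InvalidSignatureException $e) {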

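--- a/src/Symfony/Component/Security/Http/RememberMe/AbstractRememberMeHandler.php
+++ b/src/Symfony/Component/Security/Http/RememberMe/AbstractRememberMeHandler.php
@@ -53,7 +53,7 @@ public function __construct(UserProviderInterface $userProvider, RequestStack $r
 * - Create a new remember-me cookie to be sent with the response (using {@see createCookie()});
 * - If you store the token somewhere else (e.g. in a database), invalidate the stored token.
 *
-* @throws AuthenticationException throw this exception if the remember me details are not accepted
+* @throws AuthenticationException If the remember-me details are not accepted
 */
 abstract protected function processRememberMe(RememberMeDetails $rememberMeDetails, UserInterface $user): void;
 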