8000 feature #43411 [HttpFoundation] Deprecate passing null as $requestIp … · symfony/symfony@a53a173 · GitHub
[go: up one dir, main page]
Skip to content

Commit a53a173

Browse files
fabpotfabpot
committed
feature #43411 [HttpFoundation] Deprecate passing null as $requestIp in IpUtils (W0rma)
This PR was merged into the 5.4 branch. Discussion ---------- [HttpFoundation] Deprecate passing null as $requestIp in IpUtils | Q | A | ------------- | --- | Branch? | 5.4 | Bug fix? | no | New feature? | no | Deprecations? | yes | Tickets | #43350 (comment) | License | MIT | Doc PR | Commits ------- 55e3a5b Deprecate passing null as $requestIp to IpUtils::checkIp(), checkIp4() and checkIp6()
2 parents e2754fb + 55e3a5b commit a53a173

File tree

7 files changed

+49
-5
lines changed

7 files changed

+49
-5
lines changed

UPGRADE-5.4.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,7 @@ HttpKernel
3939
HttpFoundation
4040
--------------
4141

42+
* Deprecate passing `null` as `$requestIp` to `IpUtils::checkIp()`, `IpUtils::checkIp4()` or `IpUtils::checkIp6()`, pass an empty string instead.
4243
* Mark `Request::get()` internal, use explicit input sources instead
4344
* Deprecate `upload_progress.*` and `url_rewriter.tags` session options
4445

src/Symfony/Component/HttpClient/NoPrivateNetworkHttpClient.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -80,7 +80,7 @@ public function request(string $method, string $url, array $options = []): Respo
8080

8181
$options['on_progress'] = function (int $dlNow, int $dlSize, array $info) use ($onProgress, $subnets, &$lastPrimaryIp): void {
8282
if ($info['primary_ip'] !== $lastPrimaryIp) {
83-
if (IpUtils::checkIp($info['primary_ip'], $subnets ?? self::PRIVATE_SUBNETS)) {
83+
if ($info['primary_ip'] && IpUtils::checkIp($info['primary_ip'], $subnets ?? self::PRIVATE_SUBNETS)) {
8484
throw new TransportException(sprintf('IP "%s" is blocked for "%s".', $info['primary_ip'], $info['url']));
8585
}
8686

src/Symfony/Component/HttpFoundation/CHANGELOG.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ CHANGELOG
44
5.4
55
---
66

7+
* Deprecate passing `null` as `$requestIp` to `IpUtils::__checkIp()`, `IpUtils::__checkIp4()` or `IpUtils::__checkIp6()`, pass an empty string instead.
78
* Add the `litespeed_finish_request` method to work with Litespeed
89
* Deprecate `upload_progress.*` and `url_rewriter.tags` session options
910

src/Symfony/Component/HttpFoundation/IpUtils.php

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,8 @@ private function __construct()
3737
public static function checkIp(?string $requestIp, $ips)
3838
{
3939
if (null === $requestIp) {
40+
trigger_deprecation('symfony/http-foundation', '5.4', 'Passing null as $requestIp to "%s()" is deprecated, pass an empty string instead.', __METHOD__);
41+
4042
return false;
4143
}
4244

@@ -65,6 +67,12 @@ public static function checkIp(?string $requestIp, $ips)
6567
*/
6668
public static function checkIp4(?string $requestIp, string $ip)
6769
{
70+
if (null === $requestIp) {
71+
trigger_deprecation('symfony/http-foundation', '5.4', 'Passing null as $requestIp to "%s()" is deprecated, pass an empty string instead.', __METHOD__);
72+
73+
return false;
74+
}
75+
6876
$cacheKey = $requestIp.'-'.$ip;
6977
if (isset(self::$checkedIps[$cacheKey])) {
7078
return self::$checkedIps[$cacheKey];
@@ -112,6 +120,12 @@ public static function checkIp4(?string $requestIp, string $ip)
112120
*/
113121
public static function checkIp6(?string $requestIp, string $ip)
114122
{
123+
if (null === $requestIp) {
124+
trigger_deprecation('symfony/http-foundation', '5.4', 'Passing null as $requestIp to "%s()" is deprecated, pass an empty string instead.', __METHOD__);
125+
126+
return false;
127+
}
128+
115129
$cacheKey = $requestIp.'-'.$ip;
116130
if (isset(self::$checkedIps[$cacheKey])) {
117131
return self::$checkedIps[$cacheKey];

src/Symfony/Component/HttpFoundation/RequestMatcher.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -185,7 +185,7 @@ public function matches(Request $request)
185185
return false;
186186
}
187187

188-
if (IpUtils::checkIp($request->getClientIp(), $this->ips)) {
188+
if (IpUtils::checkIp($request->getClientIp() ?? '', $this->ips)) {
189189
return true;
190190
}
191191

src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php

Lines changed: 30 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,10 +12,13 @@
1212
namespace Symfony\Component\HttpFoundation\Tests;
1313

1414
use PHPUnit\Framework\TestCase;
15+
use Symfony\Bridge\PhpUnit\ExpectDeprecationTrait;
1516
use Symfony\Component\HttpFoundation\IpUtils;
1617

1718
class IpUtilsTest extends TestCase
1819
{
20+
use ExpectDeprecationTrait;
21+
1922
/**
2023
* @dataProvider getIpv4Data
2124
*/
@@ -40,7 +43,6 @@ public function getIpv4Data()
4043
[false, '1.2.3.4', '256.256.256/0'], // invalid CIDR notation
4144
[false, 'an_invalid_ip', '192.168.1.0/24'],
4245
[false, '', '1.2.3.4/1'],
43-
[false, null, '1.2.3.4/1'],
4446
];
4547
}
4648

@@ -72,10 +74,36 @@ public function getIpv6Data()
7274
[false, '}__test|O:21:"JDatabaseDriverMysqli":3:{s:2', '::1'],
7375
[false, '2a01:198:603:0:396e:4789:8e99:890f', 'unknown'],
7476
[false, '', '::1'],
75-
[false, null, '::1'],
7677
];
7778
}
7879

80+
/**
81+
* @group legacy
82+
*/
83+
public function testIpTriggersDeprecationOnNull()
84+
{
85+
$this->expectDeprecation('Since symfony/http-foundation 5.4: Passing null as $requestIp to "Symfony\Component\HttpFoundation\IpUtils::checkIp()" is deprecated, pass an empty string instead.');
86+
$this->assertFalse(IpUtils::checkIp(null, '192.168.1.1'));
87+
}
88+
89+
/**
90+
* @group legacy
91+
*/
92+
public function testIp4TriggersDeprecationOnNull()
93+
{
94+
$this->expectDeprecation('Since symfony/http-foundation 5.4: Passing null as $requestIp to "Symfony\Component\HttpFoundation\IpUtils::checkIp4()" is deprecated, pass an empty string instead.');
95+
$this->assertFalse(IpUtils::checkIp4(null, '192.168.1.1'));
96+
}
97+
98+
/**
99+
* @group legacy
100+
*/
101+
public function testIp6TriggersDeprecationOnNull()
102+
{
103+
$this->expectDeprecation('Since symfony/http-foundation 5.4: Passing null as $requestIp to "Symfony\Component\HttpFoundation\IpUtils::checkIp6()" is deprecated, pass an empty string instead.');
104+
$this->assertFalse(IpUtils::checkIp6(null, '2a01:198:603:0::/65'));
105+
}
106+
79107
/**
80108
* @requires extension sockets
81109
*/

src/Symfony/Component/HttpKernel/HttpCache/SubRequestHandler.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ public static function handle(HttpKernelInterface $kernel, Request $request, int
3131

3232
// remove untrusted values
3333
$remoteAddr = $request->server->get('REMOTE_ADDR');
34-
if (!IpUtils::checkIp($remoteAddr, $trustedProxies)) {
34+
if (!$remoteAddr || !IpUtils::checkIp($remoteAddr, $trustedProxies)) {
3535
$trustedHeaders = [
3636
'FORWARDED' => $trustedHeaderSet & Request::HEADER_FORWARDED,
3737
'X_FORWARDED_FOR' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_FOR,

0 commit comments

Comments
 (0)
0