Merge branch '6.0' into 6.1 · symfony/symfony@bc2f554 · GitHub

Commit bc2f554

committed
Merge branch '6.0' into 6.1
* 6.0:
  [HttpFoundation] Always return strings from accept headers
  decode URL-encoded characters in DSN's usernames/passwords
  [Security/Http] cs fixes
2 parents b3f34b0 + 970fdb0 commit bc2f554


7 files changed

+35
-20
lines changed


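--- a/src/Symfony/Component/HttpFoundation/Request.php
+++ b/src/Symfony/Component/HttpFoundation/Request.php
@@ -1577,7 +1577,8 @@ public function getLanguages(): array
 
 $languages = AcceptHeader::fromString($this->headers->get('Accept-Language'))->all();
 $this->languages = [];
-foreach ($languages as $lang => $acceptHeaderItem) {
+foreach ($languages as $acceptHeaderItem) {
+$lang = $acceptHeaderItem->getValue();
 if (str_contains($lang, '-')) {
 $codes = explode('-', $lang);
 if ('i' === $codes[0]) {
@@ -1613,7 +1614,7 @@ public function getCharsets(): array
 return $this->charsets;
 }
 
-return $this->charsets = array_keys(AcceptHeader::fromString($this->headers->get('Accept-Charset'))->all());
+return $this->charsets = array_map('strval', array_keys(AcceptHeader::fromString($this->headers->get('Accept-Charset'))->all()));
 }
 
 /**
@@ -1625,7 +1626,7 @@ public function getEncodings(): array
 return $this->encodings;
 }
 
-return $this->encodings = array_keys(AcceptHeader::fromString($this->headers->get('Accept-Encoding'))->all());
+return $this->encodings = array_map('strval', array_keys(AcceptHeader::fromString($this->headers->get('Accept-Encoding'))->all()));
 }
 
 /**
@@ -1637,7 +1638,7 @@ public function getAcceptableContentTypes(): array
 return $this->acceptableContentTypes;
 }
 
-return $this->acceptableContentTypes = array_keys(AcceptHeader::fromString($this->headers->get('Accept'))->all());
+return $this->acceptableContentTypes = array_map('strval', array_keys(AcceptHeader::fromString($this->headers->get('Accept'))->all()));
 }
 
 /**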
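Review bot: The three `array_map('strval', array_keys(...))` returns in getCharsets(), getEncodings() and getAcceptableContentTypes() carry no comment saying why the cast is there, so it reads as redundant and is easy to drop in a later cleanup. PHP converts integer-like string keys such as `'123'` to ints when they are used as array keys, and the cast undoes that; I would add `// PHP casts integer-like array keys to int; cast back so callers always get strings` above each return. getLanguages() avoids the problem differently by reading `$acceptHeaderItem->getValue()`, and its loop body continues outside the hunk. These values come straight from client-supplied headers, so callers that compare them strictly against string allow-lists depend on this guarantee.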

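--- a/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
+++ b/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
@@ -1607,6 +1607,20 @@ public function testGetLanguages()
 $this->assertEquals(['zh', 'cherokee'], $request->getLanguages());
 }
 
+public function testGetAcceptHeadersReturnString()
+{
+$request = new Request();
+$request->headers->set('Accept', '123');
+$request->headers->set('Accept-Charset', '123');
+$request->headers->set('Accept-Encoding', '123');
+$request->headers->set('Accept-Language', '123');
+
+$this->assertSame(['123'], $request->getAcceptableContentTypes());
+$this->assertSame(['123'], $request->getCharsets());
+$this->assertSame(['123'], $request->getEncodings());
+$this->assertSame(['123'], $request->getLanguages());
+}
+
 public function testGetRequestFormat()
 {
 $request = new Request();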

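--- a/src/Symfony/Component/Messenger/Bridge/Amqp/Transport/Connection.php
+++ b/src/Symfony/Component/Messenger/Bridge/Amqp/Transport/Connection.php
@@ -184,11 +184,11 @@ public static function fromDsn(string $dsn, array $options = [], AmqpFactory $am
 self::validateOptions($amqpOptions);
 
 if (isset($parsedUrl['user'])) {
-$amqpOptions['login'] = $parsedUrl['user'];
+$amqpOptions['login'] = urldecode($parsedUrl['user']);
 }
 
 if (isset($parsedUrl['pass'])) {
-$amqpOptions['password'] = $parsedUrl['pass'];
+$amqpOptions['password'] = urldecode($parsedUrl['pass']);
 }
 
 if (!isset($amqpOptions['queues'])) {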
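Review bot: `urldecode()` on new lines 187 and 191 also turns a literal `+` into a space, so a login or password that contains `+` and was written unencoded in an existing DSN will silently change, and authentication will fail after the upgrade. For the userinfo part of a URL, `rawurldecode()` is the matching decoder: `$amqpOptions['login'] = rawurldecode($parsedUrl['user']);`, and likewise for `'password'`. The same applies to the `$pass` and `$user` lines in the Redis transport's fromDsn() in this commit. None of the seven changed files adds a test for an encoded credential, so a case with `%`-escaped and `+` characters would pin the intended behaviour. fromDsn() starts and ends outside the hunk.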

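--- a/src/Symfony/Component/Messenger/Bridge/Redis/Transport/Connection.php
+++ b/src/Symfony/Component/Messenger/Bridge/Redis/Transport/Connection.php
@@ -205,8 +205,8 @@ public static function fromDsn(string $dsn, array $options = [], \Redis|\RedisCl
 }
 
 if (isset($parsedUrl['host'])) {
-$pass = '' !== ($parsedUrl['pass'] ?? '') ? $parsedUrl['pass'] : null;
-$user = '' !== ($parsedUrl['user'] ?? '') ? $parsedUrl['user'] : null;
+$pass = '' !== ($parsedUrl['pass'] ?? '') ? urldecode($parsedUrl['pass']) : null;
+$user = '' !== ($parsedUrl['user'] ?? '') ? urldecode($parsedUrl['user']) : null;
 $options['host'] = $parsedUrl['host'] ?? $options['host'];
 $options['port'] = $parsedUrl['port'] ?? $options['port'];
 // See: https://github.com/phpredis/phpredis/#auth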

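--- a/src/Symfony/Component/Security/Core/Signature/SignatureHasher.php
+++ b/src/Symfony/Component/Security/Core/Signature/SignatureHasher.php
@@ -31,9 +31,9 @@ class SignatureHasher
 private ?int $maxUses;
 
 /**
-* @param array $signatureProperties properties of the User; the hash is invalidated if these properties change
-* @param ExpiredSignatureStorage|null $expiredSignaturesStorage if provided, secures a sequence of hashes that are expired
-* @param int|null $maxUses used together with $expiredSignatureStorage to allow a maximum usage of a hash
+* @param array $signatureProperties Properties of the User; the hash is invalidated if these properties change
+* @param ExpiredSignatureStorage|null $expiredSignaturesStorage If provided, secures a sequence of hashes that are expired
+* @param int|null $maxUses Used together with $expiredSignatureStorage to allow a maximum usage of a hash
 */
 public function __construct(PropertyAccessorInterface $propertyAccessor, array $signatureProperties, string $secret, ExpiredSignatureStorage $expiredSignaturesStorage = null, int $maxUses = null)
 {
@@ -47,8 +47,8 @@ public function __construct(PropertyAccessorInterface $propertyAccessor, array $
 /**
 * Verifies the hash using the provided user and expire time.
 *
-* @param int $expires the expiry time as a unix timestamp
-* @param string $hash the plaintext hash provided by the request
+* @param int $expires The expiry time as a unix timestamp
+* @param string $hash The plaintext hash provided by the request
 *
 * @throws InvalidSignatureException If the signature does not match the provided parameters
 * @throws ExpiredSignatureException If the signature is no longer valid
@@ -75,7 +75,7 @@ public function verifySignatureHash(UserInterface $user, int $expires, string $h
 /**
 * Computes the secure hash for the provided user and expire time.
 *
-* @param int $expires the expiry time as a unix timestamp
+* @param int $expires The expiry time as a unix timestamp
 */
 public function computeSignatureHash(UserInterface $user, int $expires): string
 {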

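--- a/src/Symfony/Component/Security/Http/LoginLink/LoginLinkHandler.php
+++ b/src/Symfony/Component/Security/Http/LoginLink/LoginLinkHandler.php
@@ -31,13 +31,13 @@ final class LoginLinkHandler implements LoginLinkHandlerInterface
 private UrlGeneratorInterface $urlGenerator;
 private UserProviderInterface $userProvider;
 private array $options;
-private SignatureHasher $signatureHashUtil;
+private SignatureHasher $signatureHasher;
 
-public function __construct(UrlGeneratorInterface $urlGenerator, UserProviderInterface $userProvider, SignatureHasher $signatureHashUtil, array $options)
+public function __construct(UrlGeneratorInterface $urlGenerator, UserProviderInterface $userProvider, SignatureHasher $signatureHasher, array $options)
 {
 $this->urlGenerator = $urlGenerator;
 $this->userProvider = $userProvider;
-$this->signatureHashUtil = $signatureHashUtil;
+$this->signatureHasher = $signatureHasher;
 $this->options = array_merge([
 'route_name' => null,
 'lifetime' => 600,
@@ -52,7 +52,7 @@ public function createLoginLink(UserInterface $user, Request $request = null): L
 $parameters = [
 'user' => $user->getUserIdentifier(),
 'expires' => $expires,
-'hash' => $this->signatureHashUtil->computeSignatureHash($user, $expires),
+'hash' => $this->signatureHasher->computeSignatureHash($user, $expires),
 ];
 
 if ($request) {
@@ -93,7 +93,7 @@ public function consumeLoginLink(Request $request): UserInterface
 $expires = $request->get('expires');
 
 try {
-$this->signatureHashUtil->verifySignatureHash($user, $expires, $hash);
+$this->signatureHasher->verifySignatureHash($user, $expires, $hash);
 } catch (ExpiredSignatureException $e) {
 throw new ExpiredLoginLinkException(ucfirst(str_ireplace('signature', 'login link', $e->getMessage())), 0, $e);
 } catch (InvalidSignatureException $e) {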

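--- a/src/Symfony/Component/Security/Http/RememberMe/AbstractRememberMeHandler.php
+++ b/src/Symfony/Component/Security/Http/RememberMe/AbstractRememberMeHandler.php
@@ -53,7 +53,7 @@ public function __construct(UserProviderInterface $userProvider, RequestStack $r
 * - Create a new remember-me cookie to be sent with the response (using {@see createCookie()});
 * - If you store the token somewhere else (e.g. in a database), invalidate the stored token.
 *
-* @throws AuthenticationException throw this exception if the remember me details are not accepted
+* @throws AuthenticationException If the remember-me details are not accepted
 */
 abstract protected function processRememberMe(RememberMeDetails $rememberMeDetails, UserInterface $user): void;
 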