
Commit f7a7425

Merge branch '7.1' into 7.2
* 7.1: Do not read from argv on non-CLI SAPIs [Process] Use %PATH% before %CD% to load the shell on Windows [HttpFoundation] Reject URIs that contain invalid characters [HttpClient] Filter private IPs before connecting when Host == IP
2 parents 306e795 + cd65d42 commit f7a7425


2 files changed

+45
-9
lines changed


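--- a/Request.php
+++ b/Request.php
@@ -11,6 +11,7 @@
 
 namespace Symfony\Component\HttpFoundation;
 
+use Symfony\Component\HttpFoundation\Exception\BadRequestException;
 use Symfony\Component\HttpFoundation\Exception\ConflictingHeadersException;
 use Symfony\Component\HttpFoundation\Exception\JsonException;
 use Symfony\Component\HttpFoundation\Exception\SessionNotFoundException;
@@ -275,6 +276,8 @@ public static function createFromGlobals(): static
 * @param array $files The request files ($_FILES)
 * @param array $server The server parameters ($_SERVER)
 * @param string|resource|null $content The raw body data
+*
+* @throws BadRequestException When the URI is invalid
 */
 public static function create(string $uri, string $method = 'GET', array $parameters = [], array $cookies = [], array $files = [], array $server = [], $content = null): static
 {
@@ -302,6 +305,20 @@ public static function create(string $uri, string $method = 'GET', array $parame
 throw new \InvalidArgumentException(\sprintf('Malformed URI "%s".', $uri));
 }
 
+if (false === $components) {
+throw new BadRequestException('Invalid URI.');
+}
+
+if (false !== ($i = strpos($uri, '\\')) && $i < strcspn($uri, '?#')) {
+throw new BadRequestException('Invalid URI: A URI cannot contain a backslash.');
+}
+if (\strlen($uri) !== strcspn($uri, "\r\n\t")) {
+throw new BadRequestException('Invalid URI: A URI cannot contain CR/LF/TAB characters.');
+}
+if ('' !== $uri && (\ord($uri[0]) <= 32 || \ord($uri[-1]) <= 32)) {
+throw new BadRequestException('Invalid URI: A URI must not start nor end with ASCII control characters or spaces.');
+}
+
 if (isset($components['host'])) {
 $server['SERVER_NAME'] = $components['host'];
 $server['HTTP_HOST'] = $components['host'];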
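Review bot: The CR/LF/TAB guard at new line 315 and the first/last-byte guard at new line 318 together still let other C0 control bytes (NUL, 0x01–0x08, 0x0B, 0x0C, 0x0E–0x1F) and DEL through when they sit anywhere between the first and last byte, so a URI such as `"foo\0bar"` passes all four checks although RFC 3986 permits no control characters at all. If that is not intended, one byte-range check covers every position and every control byte: `if (preg_match('/[\x00-\x1F\x7F]/', $uri)) { throw new BadRequestException('Invalid URI: A URI cannot contain control characters.'); }`, keeping the line-318 guard for leading and trailing spaces (0x20). The rest of create()'s body, including the branch that decides when the InvalidArgumentException at new line 305 fires, lies outside the hunk, so how the `false === $components` check at 308 relates to it cannot be judged from here.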

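--- a/Tests/RequestTest.php
+++ b/Tests/RequestTest.php
@@ -12,6 +12,7 @@
 namespace Symfony\Component\HttpFoundation\Tests;
 
 use PHPUnit\Framework\TestCase;
+use Symfony\Component\HttpFoundation\Exception\BadRequestException;
 use Symfony\Component\HttpFoundation\Exception\ConflictingHeadersException;
 use Symfony\Component\HttpFoundation\Exception\JsonException;
 use Symfony\Component\HttpFoundation\Exception\SuspiciousOperationException;
@@ -290,9 +291,34 @@ public function testCreateWithRequestUri()
 $this->assertTrue($request->isSecure());
 
 // Fragment should not be included in the URI
-$request = Request::create('http://test.com/foo#bar');
-$request->server->set('REQUEST_URI', 'http://test.com/foo#bar');
+$request = Request::create('http://test.com/foo#bar\\baz');
+$request->server->set('REQUEST_URI', 'http://test.com/foo#bar\\baz');
 $this->assertEquals('http://test.com/foo', $request->getUri());
+
+$request = Request::create('http://test.com/foo?bar=f\\o');
+$this->assertEquals('http://test.com/foo?bar=f%5Co', $request->getUri());
+$this->assertEquals('/foo', $request->getPathInfo());
+$this->assertEquals('bar=f%5Co', $request->getQueryString());
+}
+
+/**
+* @testWith ["http://foo.com\\bar"]
+* ["\\\\foo.com/bar"]
+* ["a\rb"]
+* ["a\nb"]
+* ["a\tb"]
+* ["\u0000foo"]
+* ["foo\u0000"]
+* [" foo"]
+* ["foo "]
+* [":"]
+*/
+public function testCreateWithBadRequestUri(string $uri)
+{
+$this->expectException(BadRequestException::class);
+$this->expectExceptionMessage('Invalid URI');
+
+Request::create($uri);
 }
 
 /**
@@ -2666,13 +2692,6 @@ public function testReservedFlags()
 $this->assertNotSame(0b10000000, $value, \sprintf('The constant "%s" should not use the reserved value "0b10000000".', $constant));
 }
 }
-
-public function testMalformedUriCreationException()
-{
-$this->expectException(\InvalidArgumentException::class);
-$this->expectExceptionMessage('Malformed URI "/invalid-path:123".');
-Request::create('/invalid-path:123');
-}
 }
 
 class RequestContentProxy extends Request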
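Review bot: The dataset of testCreateWithBadRequestUri (new lines 305–315) only exercises NUL as the first or last byte (`"\u0000foo"`, `"foo\u0000"`), so it does not pin whether a control byte in the middle of the URI is rejected; a case such as `* ["foo\u0000bar"]` would document the intended behaviour either way. The deleted testMalformedUriCreationException covered the input `/invalid-path:123`, and no visible case in the new dataset exercises a path that parse_url() rejects for that reason; if Request::create() now throws BadRequestException for it, adding `* ["/invalid-path:123"]` to the dataset keeps that regression covered. The class body continues outside the hunks.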
