PluginProbe ʕ •ᴥ•ʔ
Matomo Analytics – Powerful, Privacy-First Insights for WordPress / 5.8.2
Matomo Analytics – Powerful, Privacy-First Insights for WordPress v5.8.2
5.11.1 5.11.0 5.10.2 5.10.1 trunk 1.0.2 1.0.3 1.0.4 1.0.5 1.0.6 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.3.0 1.3.1 1.3.2 4.0.0 4.0.1 4.0.2 4.0.3 4.0.4 4.1.0 4.1.1 4.1.2 4.1.3 4.10.0 4.11.0 4.12.0 4.13.0 4.13.2 4.13.3 4.13.4 4.13.5 4.14.0 4.14.1 4.14.2 4.15.0 4.15.1 4.15.2 4.15.3 4.2.0 4.3.0 4.3.1 4.4.1 4.4.2 4.5.0 4.6.0 5.0.1 5.0.2 5.0.3 5.0.4 5.0.5 5.0.6 5.0.7 5.0.8 5.1.0 5.1.1 5.1.2 5.1.3 5.1.4 5.1.5 5.1.6 5.1.7 5.10.0 5.2.0 5.2.1 5.2.2 5.3.0 5.3.1 5.3.2 5.3.3 5.6.0 5.6.1 5.7.0 5.7.1 5.8.0 5.8.1 5.8.2
matomo / app / vendor / prefixed / symfony / http-kernel / HttpCache / SubRequestHandler.php
matomo / app / vendor / prefixed / symfony / http-kernel / HttpCache Last commit date
AbstractSurrogate.php 1 year ago Esi.php 1 year ago HttpCache.php 1 year ago ResponseCacheStrategy.php 1 year ago ResponseCacheStrategyInterface.php 2 years ago Ssi.php 1 year ago Store.php 1 year ago StoreInterface.php 2 years ago SubRequestHandler.php 2 years ago SurrogateInterface.php 1 year ago
SubRequestHandler.php
78 lines
1 <?php
2
3 /*
4 * This file is part of the Symfony package.
5 *
6 * (c) Fabien Potencier <fabien@symfony.com>
7 *
8 * For the full copyright and license information, please view the LICENSE
9 * file that was distributed with this source code.
10 */
11 namespace Matomo\Dependencies\Symfony\Component\HttpKernel\HttpCache;
12
13 use Matomo\Dependencies\Symfony\Component\HttpFoundation\IpUtils;
14 use Matomo\Dependencies\Symfony\Component\HttpFoundation\Request;
15 use Matomo\Dependencies\Symfony\Component\HttpFoundation\Response;
16 use Matomo\Dependencies\Symfony\Component\HttpKernel\HttpKernelInterface;
17 /**
18 * @author Nicolas Grekas <p@tchwork.com>
19 *
20 * @internal
21 */
22 class SubRequestHandler
23 {
24 public static function handle(HttpKernelInterface $kernel, Request $request, int $type, bool $catch) : Response
25 {
26 // save global state related to trusted headers and proxies
27 $trustedProxies = Request::getTrustedProxies();
28 $trustedHeaderSet = Request::getTrustedHeaderSet();
29 // remove untrusted values
30 $remoteAddr = $request->server->get('REMOTE_ADDR');
31 if (!$remoteAddr || !IpUtils::checkIp($remoteAddr, $trustedProxies)) {
32 $trustedHeaders = ['FORWARDED' => $trustedHeaderSet & Request::HEADER_FORWARDED, 'X_FORWARDED_FOR' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_FOR, 'X_FORWARDED_HOST' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_HOST, 'X_FORWARDED_PROTO' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_PROTO, 'X_FORWARDED_PORT' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_PORT, 'X_FORWARDED_PREFIX' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_PREFIX];
33 foreach (array_filter($trustedHeaders) as $name => $key) {
34 $request->headers->remove($name);
35 $request->server->remove('HTTP_' . $name);
36 }
37 }
38 // compute trusted values, taking any trusted proxies into account
39 $trustedIps = [];
40 $trustedValues = [];
41 foreach (array_reverse($request->getClientIps()) as $ip) {
42 $trustedIps[] = $ip;
43 $trustedValues[] = sprintf('for="%s"', $ip);
44 }
45 if ($ip !== $remoteAddr) {
46 $trustedIps[] = $remoteAddr;
47 $trustedValues[] = sprintf('for="%s"', $remoteAddr);
48 }
49 // set trusted values, reusing as much as possible the global trusted settings
50 if (Request::HEADER_FORWARDED & $trustedHeaderSet) {
51 $trustedValues[0] .= sprintf(';host="%s";proto=%s', $request->getHttpHost(), $request->getScheme());
52 $request->headers->set('Forwarded', $v = implode(', ', $trustedValues));
53 $request->server->set('HTTP_FORWARDED', $v);
54 }
55 if (Request::HEADER_X_FORWARDED_FOR & $trustedHeaderSet) {
56 $request->headers->set('X-Forwarded-For', $v = implode(', ', $trustedIps));
57 $request->server->set('HTTP_X_FORWARDED_FOR', $v);
58 } elseif (!(Request::HEADER_FORWARDED & $trustedHeaderSet)) {
59 Request::setTrustedProxies($trustedProxies, $trustedHeaderSet | Request::HEADER_X_FORWARDED_FOR);
60 $request->headers->set('X-Forwarded-For', $v = implode(', ', $trustedIps));
61 $request->server->set('HTTP_X_FORWARDED_FOR', $v);
62 }
63 // fix the client IP address by setting it to 127.0.0.1,
64 // which is the core responsibility of this method
65 $request->server->set('REMOTE_ADDR', '127.0.0.1');
66 // ensure 127.0.0.1 is set as trusted proxy
67 if (!IpUtils::checkIp('127.0.0.1', $trustedProxies)) {
68 Request::setTrustedProxies(array_merge($trustedProxies, ['127.0.0.1']), Request::getTrustedHeaderSet());
69 }
70 try {
71 return $kernel->handle($request, $type, $catch);
72 } finally {
73 // restore global state
74 Request::setTrustedProxies($trustedProxies, $trustedHeaderSet);
75 }
76 }
77 }
78