From 4acca42330df4e555f0ad4438be013df1037f70a Mon Sep 17 00:00:00 2001
From: Nicolas Grekas <nicolas.grekas@gmail.com>
Date: Tue, 4 Jun 2019 10:18:38 +0200
Subject: [PATCH] [HttpClient] Don't throw InvalidArgumentException on bad
 Location header

---
 .../Component/HttpClient/CurlHttpClient.php   | 11 +++++++++--
 .../Component/HttpClient/NativeHttpClient.php | 11 ++++++++++-
 .../HttpClient/Response/CurlResponse.php      | 19 ++++++++++++-------
 .../HttpClient/Test/Fixtures/web/index.php    |  4 ++++
 .../HttpClient/Test/HttpClientTestCase.php    | 14 ++++++++++++++
 5 files changed, 49 insertions(+), 10 deletions(-)

diff --git a/src/Symfony/Component/HttpClient/CurlHttpClient.php b/src/Symfony/Component/HttpClient/CurlHttpClient.php
index fd8ecbaeed..9f7401b0aa 100644
--- a/src/Symfony/Component/HttpClient/CurlHttpClient.php
+++ b/src/Symfony/Component/HttpClient/CurlHttpClient.php
@@ -14,6 +14,7 @@ namespace Symfony\Component\HttpClient;
 use Psr\Log\LoggerAwareInterface;
 use Psr\Log\LoggerAwareTrait;
 use Psr\Log\LoggerInterface;
+use Symfony\Component\HttpClient\Exception\InvalidArgumentException;
 use Symfony\Component\HttpClient\Exception\TransportException;
 use Symfony\Component\HttpClient\Internal\CurlClientState;
 use Symfony\Component\HttpClient\Internal\PushedResponse;
@@ -392,14 +393,20 @@ final class CurlHttpClient implements HttpClientInterface, LoggerAwareInterface
         }
 
         return static function ($ch, string $location) use ($redirectHeaders) {
-            if ($redirectHeaders && $host = parse_url($location, PHP_URL_HOST)) {
+            try {
+                $location = self::parseUrl($location);
+            } catch (InvalidArgumentException $e) {
+                return null;
+            }
+
+            if ($redirectHeaders && $host = parse_url('http:'.$location['authority'], PHP_URL_HOST)) {
                 $requestHeaders = $redirectHeaders['host'] === $host ? $redirectHeaders['with_auth'] : $redirectHeaders['no_auth'];
                 curl_setopt($ch, CURLOPT_HTTPHEADER, $requestHeaders);
             }
 
             $url = self::parseUrl(curl_getinfo($ch, CURLINFO_EFFECTIVE_URL));
 
-            return implode('', self::resolveUrl(self::parseUrl($location), $url));
+            return implode('', self::resolveUrl($location, $url));
         };
     }
 }
diff --git a/src/Symfony/Component/HttpClient/NativeHttpClient.php b/src/Symfony/Component/HttpClient/NativeHttpClient.php
index b8e39e9479..55313b1ccc 100644
--- a/src/Symfony/Component/HttpClient/NativeHttpClient.php
+++ b/src/Symfony/Component/HttpClient/NativeHttpClient.php
@@ -13,6 +13,7 @@ namespace Symfony\Component\HttpClient;
 
 use Psr\Log\LoggerAwareInterface;
 use Psr\Log\LoggerAwareTrait;
+use Symfony\Component\HttpClient\Exception\InvalidArgumentException;
 use Symfony\Component\HttpClient\Exception\TransportException;
 use Symfony\Component\HttpClient\Internal\NativeClientState;
 use Symfony\Component\HttpClient\Response\NativeResponse;
@@ -352,7 +353,15 @@ final class NativeHttpClient implements HttpClientInterface, LoggerAwareInterfac
                 return null;
             }
 
-            $url = self::resolveUrl(self::parseUrl($location), $info['url']);
+            try {
+                $url = self::parseUrl($location);
+            } catch (InvalidArgumentException $e) {
+                $info['redirect_url'] = null;
+
+                return null;
+            }
+
+            $url = self::resolveUrl($url, $info['url']);
             $info['redirect_url'] = implode('', $url);
 
             if ($info['redirect_count'] >= $maxRedirects) {
diff --git a/src/Symfony/Component/HttpClient/Response/CurlResponse.php b/src/Symfony/Component/HttpClient/Response/CurlResponse.php
index e9db983d7b..1c5114e92f 100644
--- a/src/Symfony/Component/HttpClient/Response/CurlResponse.php
+++ b/src/Symfony/Component/HttpClient/Response/CurlResponse.php
@@ -310,14 +310,19 @@ final class CurlResponse implements ResponseInterface
         $info['redirect_url'] = null;
 
         if (300 <= $statusCode && $statusCode < 400 && null !== $location) {
-            $info['redirect_url'] = $resolveRedirect($ch, $location);
-            $url = parse_url($location ?? ':');
+            if (null === $info['redirect_url'] = $resolveRedirect($ch, $location)) {
+                $options['max_redirects'] = curl_getinfo($ch, CURLINFO_REDIRECT_COUNT);
+                curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
+                curl_setopt($ch, CURLOPT_MAXREDIRS, $options['max_redirects']);
+            } else {
+                $url = parse_url($location ?? ':');
 
-            if (isset($url['host']) && null !== $ip = $multi->dnsCache->hostnames[$url['host'] = strtolower($url['host'])] ?? null) {
-                // Populate DNS cache for redirects if needed
-                $port = $url['port'] ?? ('http' === ($url['scheme'] ?? parse_url(curl_getinfo($ch, CURLINFO_EFFECTIVE_URL), PHP_URL_SCHEME)) ? 80 : 443);
-                curl_setopt($ch, CURLOPT_RESOLVE, ["{$url['host']}:$port:$ip"]);
-                $multi->dnsCache->removals["-{$url['host']}:$port"] = "-{$url['host']}:$port";
+                if (isset($url['host']) && null !== $ip = $multi->dnsCache->hostnames[$url['host'] = strtolower($url['host'])] ?? null) {
+                    // Populate DNS cache for redirects if needed
+                    $port = $url['port'] ?? ('http' === ($url['scheme'] ?? parse_url(curl_getinfo($ch, CURLINFO_EFFECTIVE_URL), PHP_URL_SCHEME)) ? 80 : 443);
+                    curl_setopt($ch, CURLOPT_RESOLVE, ["{$url['host']}:$port:$ip"]);
+                    $multi->dnsCache->removals["-{$url['host']}:$port"] = "-{$url['host']}:$port";
+                }
             }
         }
 
diff --git a/src/Symfony/Contracts/HttpClient/Test/Fixtures/web/index.php b/src/Symfony/Contracts/HttpClient/Test/Fixtures/web/index.php
index ff68ab6878..6763198937 100644
--- a/src/Symfony/Contracts/HttpClient/Test/Fixtures/web/index.php
+++ b/src/Symfony/Contracts/HttpClient/Test/Fixtures/web/index.php
@@ -55,6 +55,10 @@ switch ($vars['REQUEST_URI']) {
         header('Location: http://foo.example.', true, 301);
         break;
 
+    case '/301/invalid':
+        header('Location: //?foo=bar', true, 301);
+        break;
+
     case '/302':
         if (!isset($vars['HTTP_AUTHORIZATION'])) {
             header('Location: http://localhost:8057/', true, 302);
diff --git a/src/Symfony/Contracts/HttpClient/Test/HttpClientTestCase.php b/src/Symfony/Contracts/HttpClient/Test/HttpClientTestCase.php
index b898ba55c6..5bb246319e 100644
--- a/src/Symfony/Contracts/HttpClient/Test/HttpClientTestCase.php
+++ b/src/Symfony/Contracts/HttpClient/Test/HttpClientTestCase.php
@@ -259,6 +259,20 @@ abstract class HttpClientTestCase extends TestCase
         $this->assertSame($expected, $filteredHeaders);
     }
 
+    public function testInvalidRedirect()
+    {
+        $client = $this->getHttpClient(__FUNCTION__);
+        $response = $client->request('GET', 'http://localhost:8057/301/invalid');
+
+        $this->assertSame(301, $response->getStatusCode());
+        $this->assertSame(['//?foo=bar'], $response->getHeaders(false)['location']);
+        $this->assertSame(0, $response->getInfo('redirect_count'));
+        $this->assertNull($response->getInfo('redirect_url'));
+
+        $this->expectException(RedirectionExceptionInterface::class);
+        $response->getHeaders();
+    }
+
     public function testRelativeRedirects()
     {
         $client = $this->getHttpClient(__FUNCTION__);