[HttpKernel] Add listener that checks when request has both Forwarded and X-Forwarded-For
This commit is contained in:
parent
1f00b55373
commit
db841018dc
|
@ -46,5 +46,9 @@
|
|||
<argument type="service" id="request_stack" />
|
||||
<tag name="kernel.event_subscriber" />
|
||||
</service>
|
||||
|
||||
<service id="validate_request_listener" class="Symfony\Component\HttpKernel\EventListener\ValidateRequestListener">
|
||||
<tag name="kernel.event_subscriber" />
|
||||
</service>
|
||||
</services>
|
||||
</container>
|
||||
|
|
|
@ -22,8 +22,8 @@
|
|||
"symfony/config": "~2.4",
|
||||
"symfony/event-dispatcher": "~2.5",
|
||||
"symfony/finder": "~2.0,>=2.0.5",
|
||||
"symfony/http-foundation": "~2.4.9|~2.5,>=2.5.4",
|
||||
"symfony/http-kernel": "~2.7",
|
||||
"symfony/http-foundation": "~2.7",
|
||||
"symfony/http-kernel": "~2.7.15|~2.8.8",
|
||||
"symfony/filesystem": "~2.3",
|
||||
"symfony/routing": "~2.6,>2.6.4",
|
||||
"symfony/security-core": "~2.6.13|~2.7.9|~2.8",
|
||||
|
|
|
@ -0,0 +1,55 @@
|
|||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\HttpKernel\EventListener;
|
||||
|
||||
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
|
||||
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
|
||||
use Symfony\Component\HttpKernel\KernelEvents;
|
||||
|
||||
/**
|
||||
* Validates that the headers and other information indicating the
|
||||
* client IP address of a request are consistent.
|
||||
*
|
||||
* @author Magnus Nordlander <magnus@fervo.se>
|
||||
*/
|
||||
class ValidateRequestListener implements EventSubscriberInterface
|
||||
{
|
||||
/**
|
||||
* Performs the validation.
|
||||
*
|
||||
* @param GetResponseEvent $event
|
||||
*/
|
||||
public function onKernelRequest(GetResponseEvent $event)
|
||||
{
|
||||
if (!$event->isMasterRequest()) {
|
||||
return;
|
||||
}
|
||||
$request = $event->getRequest();
|
||||
|
||||
if ($request::getTrustedProxies()) {
|
||||
// This will throw an exception if the headers are inconsistent.
|
||||
$request->getClientIps();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public static function getSubscribedEvents()
|
||||
{
|
||||
return array(
|
||||
KernelEvents::REQUEST => array(
|
||||
array('onKernelRequest', 256),
|
||||
),
|
||||
);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,42 @@
|
|||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\HttpKernel\Tests\EventListener;
|
||||
|
||||
use Symfony\Component\EventDispatcher\EventDispatcher;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpKernel\EventListener\ValidateRequestListener;
|
||||
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
|
||||
use Symfony\Component\HttpKernel\HttpKernelInterface;
|
||||
use Symfony\Component\HttpKernel\KernelEvents;
|
||||
|
||||
class ValidateRequestListenerTest extends \PHPUnit_Framework_TestCase
|
||||
{
|
||||
/**
|
||||
* @expectedException Symfony\Component\HttpFoundation\Exception\ConflictingHeadersException
|
||||
*/
|
||||
public function testListenerThrowsWhenMasterRequestHasInconsistentClientIps()
|
||||
{
|
||||
$dispatcher = new EventDispatcher();
|
||||
$kernel = $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface');
|
||||
|
||||
$request = new Request();
|
||||
$request->setTrustedProxies(array('1.1.1.1'));
|
||||
$request->server->set('REMOTE_ADDR', '1.1.1.1');
|
||||
$request->headers->set('FORWARDED', '2.2.2.2');
|
||||
$request->headers->set('X_FORWARDED_FOR', '3.3.3.3');
|
||||
|
||||
$dispatcher->addListener(KernelEvents::REQUEST, array(new ValidateRequestListener(), 'onKernelRequest'));
|
||||
$event = new GetResponseEvent($kernel, $request, HttpKernelInterface::MASTER_REQUEST);
|
||||
|
||||
$dispatcher->dispatch(KernelEvents::REQUEST, $event);
|
||||
}
|
||||
}
|
Reference in New Issue