return $_GET;
}
+ /**
+ * Return the contents of the Query with no decoding. Use when you need to
+ * know exactly what was sent, e.g. for an OAuth signature over the elements.
+ *
+ * @return String
+ */
+ public function getRawQueryString() {
+ return $_SERVER['QUERY_STRING'];
+ }
+
+ /**
+ * Return the contents of the POST with no decoding. Use when you need to
+ * know exactly what was sent, e.g. for an OAuth signature over the elements.
+ *
+ * @return String
+ */
+ public function getRawPostString() {
+ if ( !$this->wasPosted() ) {
+ return '';
+ }
+ return $this->getRawInput();
+ }
+
+ /**
+ * Return the raw request body, with no processing. Cached since some methods
+ * disallow reading the stream more than once. As stated in the php docs, this
+ * does not work with enctype="multipart/form-data".
+ *
+ * @return String
+ */
+ public function getRawInput() {
+ static $input = false;
+ if ( $input === false ) {
+ $input = file_get_contents( 'php://input' );
+ }
+ return $input;
+ }
+
/**
* Get the HTTP method used for this request.
*
return;
}
- if ( function_exists( 'apache_request_headers' ) ) {
- foreach ( apache_request_headers() as $tempName => $tempValue ) {
+ $apacheHeaders = function_exists( 'apache_request_headers' ) ? apache_request_headers() : false;
+ if ( $apacheHeaders ) {
+ foreach ( $apacheHeaders as $tempName => $tempValue ) {
$this->headers[strtoupper( $tempName )] = $tempValue;
}
} else {
# unless the address is not sensible (e.g. private). However, prefer private
# IP addresses over proxy servers controlled by this site (more sensible).
foreach ( $ipchain as $i => $curIP ) {
- $curIP = IP::canonicalize( $curIP );
+ $curIP = IP::sanitizeIP( IP::canonicalize( $curIP ) );
if ( wfIsTrustedProxy( $curIP ) && isset( $ipchain[$i + 1] ) ) {
if ( wfIsConfiguredProxy( $curIP ) || // bug 48919
( IP::isPublic( $ipchain[$i + 1] ) || $wgUsePrivateIPs )
return false;
}
+ /**
+ * FauxRequests shouldn't depend on raw request data (but that could be implemented here)
+ * @return String
+ */
+ public function getRawQueryString() {
+ return '';
+ }
+
+ /**
+ * FauxRequests shouldn't depend on raw request data (but that could be implemented here)
+ * @return String
+ */
+ public function getRawPostString() {
+ return '';
+ }
+
+ /**
+ * FauxRequests shouldn't depend on raw request data (but that could be implemented here)
+ * @return String
+ */
+ public function getRawInput() {
+ return '';
+ }
+
/**
* @param array $extWhitelist
* @return bool