*/
private $ip;
+ /**
+ * Cached URL protocol
+ * @var string
+ */
+ protected $protocol;
+
public function __construct() {
/// @todo FIXME: This preemptive de-quoting can interfere with other web libraries
/// and increases our memory footprint. It would be cleaner to do on
* @return string
*/
public static function detectServer() {
- list( $proto, $stdPort ) = self::detectProtocolAndStdPort();
+ $proto = self::detectProtocol();
+ $stdPort = $proto === 'https' ? 443 : 80;
$varNames = array( 'HTTP_HOST', 'SERVER_NAME', 'HOSTNAME', 'SERVER_ADDR' );
$host = 'localhost';
}
/**
+ * Detect the protocol from $_SERVER.
+ * This is for use prior to Setup.php, when no WebRequest object is available.
+ * At other times, use the non-static function getProtocol().
+ *
* @return array
*/
- public static function detectProtocolAndStdPort() {
+ public static function detectProtocol() {
if ( ( isset( $_SERVER['HTTPS'] ) && $_SERVER['HTTPS'] == 'on' ) ||
( isset( $_SERVER['HTTP_X_FORWARDED_PROTO'] ) &&
$_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' ) ) {
- $arr = array( 'https', 443 );
+ return 'https';
} else {
- $arr = array( 'http', 80 );
+ return 'http';
}
return $arr;
}
/**
+ * Get the current URL protocol (http or https)
* @return string
*/
- public static function detectProtocol() {
- list( $proto, ) = self::detectProtocolAndStdPort();
- return $proto;
+ public function getProtocol() {
+ if ( $this->protocol === null ) {
+ $this->protocol = self::detectProtocol();
+ }
+ return $this->protocol;
}
/**
: null;
}
+ /**
+ * Fetch a floating point value from the input or return $default if not set.
+ * Guaranteed to return a float; non-numeric input will typically
+ * return 0.
+ *
+ * @since 1.23
+ * @param $name String
+ * @param $default Float
+ * @return Float
+ */
+ public function getFloat( $name, $default = 0 ) {
+ return floatval( $this->getVal( $name, $default ) );
+ }
+
/**
* Fetch a boolean value from the input or return $default if not set.
* Guaranteed to return true or false, with normal PHP semantics for
foreach ( $ipchain as $i => $curIP ) {
$curIP = IP::sanitizeIP( IP::canonicalize( $curIP ) );
if ( wfIsTrustedProxy( $curIP ) && isset( $ipchain[$i + 1] ) ) {
- if ( wfIsConfiguredProxy( $curIP ) || // bug 48919
- ( IP::isPublic( $ipchain[$i + 1] ) || $wgUsePrivateIPs )
+ if ( wfIsConfiguredProxy( $curIP ) || // bug 48919; treat IP as sane
+ IP::isPublic( $ipchain[$i + 1] ) ||
+ $wgUsePrivateIPs
) {
- $ip = IP::canonicalize( $ipchain[$i + 1] );
+ $nextIP = IP::canonicalize( $ipchain[$i + 1] );
+ if ( !$nextIP && wfIsConfiguredProxy( $ip ) ) {
+ // We have not yet made it past CDN/proxy servers of this site,
+ // so either they are misconfigured or there is some IP spoofing.
+ throw new MWException( "Invalid IP given in XFF '$forwardedFor'." );
+ }
+ $ip = $nextIP;
continue;
}
}
wfRunHooks( 'GetIP', array( &$ip ) );
if ( !$ip ) {
- throw new MWException( "Unable to determine IP" );
+ throw new MWException( "Unable to determine IP." );
}
wfDebug( "IP: $ip\n" );
* fake GET/POST values
* @param bool $wasPosted whether to treat the data as POST
* @param $session Mixed: session array or null
+ * @param string $protocol 'http' or 'https'
* @throws MWException
*/
- public function __construct( $data = array(), $wasPosted = false, $session = null ) {
+ public function __construct( $data = array(), $wasPosted = false, $session = null, $protocol = 'http' ) {
if ( is_array( $data ) ) {
$this->data = $data;
} else {
if ( $session ) {
$this->session = $session;
}
+ $this->protocol = $protocol;
}
/**
$this->notImplemented( __METHOD__ );
}
+ public function getProtocol() {
+ return $this->protocol;
+ }
+
/**
* @param string $name The name of the header to get (case insensitive).
* @return bool|string
class DerivativeRequest extends FauxRequest {
private $base;
+ /**
+ * @param WebRequest $base
+ * @param array $data Array of *non*-urlencoded key => value pairs, the
+ * fake GET/POST values
+ * @param bool $wasPosted Whether to treat the data as POST
+ */
public function __construct( WebRequest $base, $data, $wasPosted = false ) {
$this->base = $base;
parent::__construct( $data, $wasPosted );
public function getIP() {
return $this->base->getIP();
}
+
+ public function getProtocol() {
+ return $this->base->getProtocol();
+ }
}
dépôts / lhc / web / wiklou.git / blobdiff