* @file
*/
+use MediaWiki\MediaWikiServices;
use MediaWiki\Session\Session;
use MediaWiki\Session\SessionId;
use MediaWiki\Session\SessionManager;
/** @var bool Whether this HTTP request is "safe" (even if it is an HTTP post) */
protected $markedAsSafe = false;
+ /**
+ * @codeCoverageIgnore
+ */
public function __construct() {
$this->requestTime = isset( $_SERVER['REQUEST_TIME_FLOAT'] )
? $_SERVER['REQUEST_TIME_FLOAT'] : microtime( true );
* @return array|string Cleaned-up version of the given
* @private
*/
- function normalizeUnicode( $data ) {
+ public function normalizeUnicode( $data ) {
if ( is_array( $data ) ) {
foreach ( $data as $key => $val ) {
$data[$key] = $this->normalizeUnicode( $val );
}
}
+ /**
+ * Fetch a scalar from the input without normalization, or return $default
+ * if it's not set.
+ *
+ * Unlike self::getVal(), this does not perform any normalization on the
+ * input value.
+ *
+ * @since 1.28
+ * @param string $name
+ * @param string|null $default Optional default
+ * @return string
+ */
+ public function getRawVal( $name, $default = null ) {
+ $name = strtr( $name, '.', '_' ); // See comment in self::getGPCVal()
+ if ( isset( $this->data[$name] ) && !is_array( $this->data[$name] ) ) {
+ $val = $this->data[$name];
+ } else {
+ $val = $default;
+ }
+ if ( is_null( $val ) ) {
+ return $val;
+ } else {
+ return (string)$val;
+ }
+ }
+
/**
* Fetch a scalar from the input or return $default if it's not set.
* Returns a string. Arrays are discarded. Useful for
* @return int
*/
public function getInt( $name, $default = 0 ) {
- return intval( $this->getVal( $name, $default ) );
+ return intval( $this->getRawVal( $name, $default ) );
}
/**
* @return int|null
*/
public function getIntOrNull( $name ) {
- $val = $this->getVal( $name );
+ $val = $this->getRawVal( $name );
return is_numeric( $val )
? intval( $val )
: null;
* @return float
*/
public function getFloat( $name, $default = 0.0 ) {
- return floatval( $this->getVal( $name, $default ) );
+ return floatval( $this->getRawVal( $name, $default ) );
}
/**
* @return bool
*/
public function getBool( $name, $default = false ) {
- return (bool)$this->getVal( $name, $default );
+ return (bool)$this->getRawVal( $name, $default );
}
/**
* @return bool
*/
public function getFuzzyBool( $name, $default = false ) {
- return $this->getBool( $name, $default ) && strcasecmp( $this->getVal( $name ), 'false' ) !== 0;
+ return $this->getBool( $name, $default )
+ && strcasecmp( $this->getRawVal( $name ), 'false' ) !== 0;
}
/**
public function getCheck( $name ) {
# Checkboxes and buttons are only present when clicked
# Presence connotes truth, absence false
- return $this->getVal( $name, null ) !== null;
+ return $this->getRawVal( $name, null ) !== null;
}
/**
* Get the values passed in the query string.
* No transformation is performed on the values.
*
+ * @codeCoverageIgnore
* @return array
*/
public function getQueryValues() {
* Return the contents of the Query with no decoding. Use when you need to
* know exactly what was sent, e.g. for an OAuth signature over the elements.
*
+ * @codeCoverageIgnore
* @return string
*/
public function getRawQueryString() {
# Append XFF
$forwardedFor = $this->getHeader( 'X-Forwarded-For' );
if ( $forwardedFor !== false ) {
- $isConfigured = IP::isConfiguredProxy( $ip );
+ $proxyLookup = MediaWikiServices::getInstance()->getProxyLookup();
+ $isConfigured = $proxyLookup->isConfiguredProxy( $ip );
$ipchain = array_map( 'trim', explode( ',', $forwardedFor ) );
$ipchain = array_reverse( $ipchain );
array_unshift( $ipchain, $ip );
foreach ( $ipchain as $i => $curIP ) {
$curIP = IP::sanitizeIP( IP::canonicalize( $curIP ) );
if ( !$curIP || !isset( $ipchain[$i + 1] ) || $ipchain[$i + 1] === 'unknown'
- || !IP::isTrustedProxy( $curIP )
+ || !$proxyLookup->isTrustedProxy( $curIP )
) {
break; // IP is not valid/trusted or does not point to anything
}
if (
IP::isPublic( $ipchain[$i + 1] ) ||
$wgUsePrivateIPs ||
- IP::isConfiguredProxy( $curIP ) // bug 48919; treat IP as sane
+ $proxyLookup->isConfiguredProxy( $curIP ) // bug 48919; treat IP as sane
) {
// Follow the next IP according to the proxy
$nextIP = IP::canonicalize( $ipchain[$i + 1] );