Browse Source
Add IRequest taint sources
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>tags/v21.0.0beta1
Lukas Reschke
3 years ago
1 changed files with 16 additions and 0 deletions
+ 16
- 0
lib/public/IRequest.php
View File
| @@ -107,6 +107,8 @@ interface IRequest { | |||
| /** | |||
| * @param string $name | |||
| * | |||
| * @psalm-taint-source input | |||
| * | |||
| * @return string | |||
| * @since 6.0.0 | |||
| */ | |||
| @@ -116,6 +118,8 @@ interface IRequest { | |||
| * Lets you access post and get parameters by the index | |||
| * In case of json requests the encoded json body is accessed | |||
| * | |||
| * @psalm-taint-source input | |||
| * | |||
| * @param string $key the key which you want to access in the URL Parameter | |||
| * placeholder, $_POST or $_GET array. | |||
| * The priority how they're returned is the following: | |||
| @@ -134,6 +138,8 @@ interface IRequest { | |||
| * | |||
| * (as GET or POST) or through the URL by the route | |||
| * | |||
| * @psalm-taint-source input | |||
| * | |||
| * @return array the array with all parameters | |||
| * @since 6.0.0 | |||
| */ | |||
| @@ -170,6 +176,8 @@ interface IRequest { | |||
| /** | |||
| * Shortcut for getting cookie variables | |||
| * | |||
| * @psalm-taint-source input | |||
| * | |||
| * @param string $key the key that will be taken from the $_COOKIE array | |||
| * @return string|null the value in the $_COOKIE element | |||
| * @since 6.0.0 | |||
| @@ -244,6 +252,8 @@ interface IRequest { | |||
| * Returns the request uri, even if the website uses one or more | |||
| * reverse proxies | |||
| * | |||
| * @psalm-taint-source input | |||
| * | |||
| * @return string | |||
| * @since 8.1.0 | |||
| */ | |||
| @@ -252,6 +262,8 @@ interface IRequest { | |||
| /** | |||
| * Get raw PathInfo from request (not urldecoded) | |||
| * | |||
| * @psalm-taint-source input | |||
| * | |||
| * @throws \Exception | |||
| * @return string Path info | |||
| * @since 8.1.0 | |||
| @@ -261,6 +273,8 @@ interface IRequest { | |||
| /** | |||
| * Get PathInfo from request | |||
| * | |||
| * @psalm-taint-source input | |||
| * | |||
| * @throws \Exception | |||
| * @return string|false Path info or false when not found | |||
| * @since 8.1.0 | |||
| @@ -289,6 +303,8 @@ interface IRequest { | |||
| * Returns the unverified server host from the headers without checking | |||
| * whether it is a trusted domain | |||
| * | |||
| * @psalm-taint-source input | |||
| * | |||
| * @return string Server host | |||
| * @since 8.1.0 | |||
| */ | |||
Loading…